diff options
| author | Richard W.M. Jones <rjones@redhat.com> | 2010-11-13 14:58:50 +0000 |
|---|---|---|
| committer | Richard W.M. Jones <rjones@redhat.com> | 2010-11-13 14:58:50 +0000 |
| commit | b943d06466724df39b7261ce75e43b0201ed7372 (patch) | |
| tree | b7c5a714c431ec9cbecf2958cac54787e5efec78 /src/filearch.c | |
| parent | 9674a73c08e128d8a7a39a6be6140c373c0e61f0 (diff) | |
| download | libguestfs-b943d06466724df39b7261ce75e43b0201ed7372.tar.gz libguestfs-b943d06466724df39b7261ce75e43b0201ed7372.tar.xz libguestfs-b943d06466724df39b7261ce75e43b0201ed7372.zip | |
filearch: Refuse to download initrd if it is huge.
Diffstat (limited to 'src/filearch.c')
| -rw-r--r-- | src/filearch.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/filearch.c b/src/filearch.c index 35a2ceb1..14c7c027 100644 --- a/src/filearch.c +++ b/src/filearch.c @@ -147,6 +147,14 @@ cpio_arch (guestfs_h *g, const char *file, const char *path) else method = "cat"; + /* Security: Refuse to download initrd if it is huge. */ + int64_t size = guestfs_filesize (g, path); + if (size == -1 || size > 100000000) { + error (g, _("size of %s unreasonable (%" PRIi64 " bytes)"), + path, size); + goto out; + } + if (mkdtemp (dir) == NULL) { perrorf (g, "mkdtemp"); goto out; |