diff options
author | Richard W.M. Jones <rjones@redhat.com> | 2010-11-15 12:40:02 +0000 |
---|---|---|
committer | Richard W.M. Jones <rjones@redhat.com> | 2010-11-15 22:25:15 +0000 |
commit | 8a3a4c25d3bb63674c9ccf8483d9bfd89085fe47 (patch) | |
tree | ce7bc88fc76852ae972b70644875cd9af9efbd52 /src | |
parent | 2729421d176e1194537b499911a5eeb5e32a8b09 (diff) | |
download | libguestfs-8a3a4c25d3bb63674c9ccf8483d9bfd89085fe47.tar.gz libguestfs-8a3a4c25d3bb63674c9ccf8483d9bfd89085fe47.tar.xz libguestfs-8a3a4c25d3bb63674c9ccf8483d9bfd89085fe47.zip |
inspect: Centralize all file downloads through a single function.
Diffstat (limited to 'src')
-rw-r--r-- | src/inspect.c | 84 |
1 files changed, 52 insertions, 32 deletions
diff --git a/src/inspect.c b/src/inspect.c index e8c29a36..f0002cd8 100644 --- a/src/inspect.c +++ b/src/inspect.c @@ -207,6 +207,7 @@ static int add_fstab_entry (guestfs_h *g, struct inspect_fs *fs, static char *resolve_fstab_device (guestfs_h *g, const char *spec); static void check_package_format (guestfs_h *g, struct inspect_fs *fs); static void check_package_management (guestfs_h *g, struct inspect_fs *fs); +static int download_to_tmp (guestfs_h *g, const char *filename, char *localtmp, int64_t max_size); static int check_for_filesystem_on (guestfs_h *g, const char *device) @@ -952,12 +953,7 @@ check_windows_arch (guestfs_h *g, struct inspect_fs *fs) static int check_windows_registry (guestfs_h *g, struct inspect_fs *fs) { - TMP_TEMPLATE_ON_STACK (dir); -#define dir_len (strlen (dir)) -#define software_hive_len (dir_len + 16) - char software_hive[software_hive_len]; -#define cmd_len (dir_len + 16) - char cmd[cmd_len]; + TMP_TEMPLATE_ON_STACK (software_local); size_t len = strlen (fs->windows_systemroot) + 64; char software[len]; @@ -975,25 +971,10 @@ check_windows_registry (guestfs_h *g, struct inspect_fs *fs) hive_h *h = NULL; hive_value_h *values = NULL; - /* Security: Refuse to download registry if it is huge. */ - int64_t size = guestfs_filesize (g, software_path); - if (size == -1 || size > 100000000) { - error (g, _("size of %s unreasonable (%" PRIi64 " bytes)"), - software_path, size); + if (download_to_tmp (g, software_path, software_local, 100000000) == -1) goto out; - } - - if (mkdtemp (dir) == NULL) { - perrorf (g, "mkdtemp"); - goto out; - } - snprintf (software_hive, software_hive_len, "%s/software", dir); - - if (guestfs_download (g, software_path, software_hive) == -1) - goto out; - - h = hivex_open (software_hive, g->verbose ? HIVEX_OPEN_VERBOSE : 0); + h = hivex_open (software_local, g->verbose ? HIVEX_OPEN_VERBOSE : 0); if (h == NULL) { perrorf (g, "hivex_open"); goto out; @@ -1070,15 +1051,9 @@ check_windows_registry (guestfs_h *g, struct inspect_fs *fs) free (values); free (software_path); - /* Free up the temporary directory. Note the directory name cannot - * contain shell meta-characters because of the way it was - * constructed above. - */ - snprintf (cmd, cmd_len, "rm -rf %s", dir); - ignore_value (system (cmd)); -#undef dir_len -#undef software_hive_len -#undef cmd_len + /* Free up the temporary file. */ + unlink (software_local); +#undef software_local_len return ret; } @@ -1483,6 +1458,51 @@ guestfs__inspect_get_package_management (guestfs_h *g, const char *root) return ret; } +/* Download to a guest file to a local temporary file. Refuse to + * download the guest file if it is larger than max_size. The caller + * is responsible for deleting the temporary file after use. + */ +static int +download_to_tmp (guestfs_h *g, const char *filename, + char *localtmp, int64_t max_size) +{ + int fd; + char buf[32]; + int64_t size; + + size = guestfs_filesize (g, filename); + if (size == -1) + /* guestfs_filesize failed and has already set error in handle */ + return -1; + if (size > max_size) { + error (g, _("size of %s is unreasonably large (%" PRIi64 " bytes)"), + filename, size); + return -1; + } + + fd = mkstemp (localtmp); + if (fd == -1) { + perrorf (g, "mkstemp"); + return -1; + } + + snprintf (buf, sizeof buf, "/dev/fd/%d", fd); + + if (guestfs_download (g, filename, buf) == -1) { + close (fd); + unlink (localtmp); + return -1; + } + + if (close (fd) == -1) { + perrorf (g, "close: %s", localtmp); + unlink (localtmp); + return -1; + } + + return 0; +} + #else /* no PCRE or hivex at compile time */ /* XXX These functions should be in an optgroup. */ |