[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Libguestfs] [PATCH 6/8] NFC: Allow multiple config files in inspect_with_augeas in inspect_fs_unix.c



On 11/24/2011 12:03 PM, Richard W.M. Jones wrote:
On Wed, Nov 23, 2011 at 02:00:55PM +0000, Matthew Booth wrote:
  static int
-inspect_with_augeas (guestfs_h *g, struct inspect_fs *fs, const char *filename,
+inspect_with_augeas (guestfs_h *g, struct inspect_fs *fs,
+                     const char **configfiles,
                       int (*f) (guestfs_h *, struct inspect_fs *))
  {
-  /* Security: Refuse to do this if filename is too large. */
-  int64_t size = guestfs_filesize (g, filename);
-  if (size == -1)
-    /* guestfs_filesize failed and has already set error in handle */
-    return -1;
-  if (size>  MAX_AUGEAS_FILE_SIZE) {
-    error (g, _("size of %s is unreasonably large (%" PRIi64 " bytes)"),
-           filename, size);
-    return -1;
+  /* Security: Refuse to do this if a config file is too large. */
+  for (const char **i = configfiles; *i != NULL; i++) {
+    if (guestfs_exists(g, *i) == 0) continue;
+
+    int64_t size = guestfs_filesize (g, *i);
+    if (size == -1)
+      /* guestfs_filesize failed and has already set error in handle */
+      return -1;
+    if (size>  MAX_AUGEAS_FILE_SIZE) {
+      error (g, _("size of %s is unreasonably large (%" PRIi64 " bytes)"),
+             *i, size);
+      return -1;
+    }
    }

This appears to remove the security check on 'filename' being too
large.

It checks all files and will return an error if any of them is too large.

Matt
--
Matthew Booth, RHCA, RHCSS
Red Hat Engineering, Virtualisation Team

GPG ID:  D33C3490
GPG FPR: 3733 612D 2D05 5458 8A8A 1600 3441 EA19 D33C 3490


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]