diff options
| author | Martin Matuska <mm@FreeBSD.org> | 2017-09-30 23:33:19 +0000 |
|---|---|---|
| committer | Martin Matuska <mm@FreeBSD.org> | 2017-09-30 23:33:19 +0000 |
| commit | 533ab3c53efbfd230b718ed77dc9ea4d1446ddfc (patch) | |
| tree | 7754efa68576e44389846bd73fad80a27240b0ba /libarchive/archive_read_support_format_mtree.c | |
| parent | b85c4c3da0a560cb98d13902c308e54fdeb52d70 (diff) | |
Notes
Diffstat (limited to 'libarchive/archive_read_support_format_mtree.c')
| -rw-r--r-- | libarchive/archive_read_support_format_mtree.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/libarchive/archive_read_support_format_mtree.c b/libarchive/archive_read_support_format_mtree.c index 44b6083cb2f2..5af0a1c6699c 100644 --- a/libarchive/archive_read_support_format_mtree.c +++ b/libarchive/archive_read_support_format_mtree.c @@ -77,6 +77,8 @@ __FBSDID("$FreeBSD: head/lib/libarchive/archive_read_support_format_mtree.c 2011 #define MTREE_HASHTABLE_SIZE 1024 +#define MAX_LINE_LEN (1024 * 1024) + struct mtree_option { struct mtree_option *next; char *value; @@ -334,6 +336,14 @@ next_line(struct archive_read *a, size_t nbytes_req = (*ravail+1023) & ~1023U; ssize_t tested; + /* + * Place an arbitrary limit on the line length. + * mtree is almost free-form input and without line length limits, + * it can consume a lot of memory. + */ + if (len >= MAX_LINE_LEN) + return (-1); + /* Increase reading bytes if it is not enough to at least * new two lines. */ if (nbytes_req < (size_t)*ravail + 160) |