[Libguestfs] [PATCH 13/14] hivex: Make limits into macros.

--- hivex/hivex.c | 14 ++++++++++---- hivex/hivexsh.c | 4 +++- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/hivex/hivex.c b/hivex/hivex.c index 148d837..5da50ea 100644 --- a/hivex/hivex.c +++ b/hivex/hivex.c @@ -55,6 +55,12 @@ #include "hivex.h" #include "byte_conversions.h" +/* These limits are in place to stop really stupid stuff and/or exploits. */ +#define HIVEX_MAX_SUBKEYS 10000 +#define HIVEX_MAX_VALUES 1000 +#define HIVEX_MAX_VALUE_LEN 1000000 +#define HIVEX_MAX_ALLOCATION 1000000 + static char *windows_utf16_to_utf8 (/* const */ char *input, size_t len); struct hive_h { @@ -719,7 +725,7 @@ get_children (hive_h *h, hive_node_h node, goto ok; /* Arbitrarily limit the number of subkeys we will ever deal with. */ - if (nr_subkeys_in_nk > 1000000) { + if (nr_subkeys_in_nk > HIVEX_MAX_SUBKEYS) { errno = ERANGE; goto error; } @@ -989,7 +995,7 @@ get_values (hive_h *h, hive_node_h node, goto ok; /* Arbitrarily limit the number of values we will ever deal with. */ - if (nr_values > 100000) { + if (nr_values > HIVEX_MAX_VALUES) { errno = ERANGE; goto error; } @@ -1188,7 +1194,7 @@ hivex_value_value (hive_h *h, hive_value_h value, *len_rtn = len; /* Arbitrarily limit the length that we will read. */ - if (len > 1000000) { + if (len > HIVEX_MAX_VALUE_LEN) { errno = ERANGE; return NULL; } @@ -1812,7 +1818,7 @@ allocate_block (hive_h *h, size_t seg_len, const char id[2]) } /* Refuse really large allocations. */ - if (seg_len > 1000000) { + if (seg_len > HIVEX_MAX_ALLOCATION) { if (h->msglvl >= 2) fprintf (stderr, "allocate_block: refusing large allocation (%zu), returning ERANGE\n", seg_len); diff --git a/hivex/hivexsh.c b/hivex/hivexsh.c index 00f33ae..6d83f0d 100644 --- a/hivex/hivexsh.c +++ b/hivex/hivexsh.c @@ -58,6 +58,8 @@ #include "hivex.h" #include "byte_conversions.h" +#define HIVEX_MAX_VALUES 1000 + static int quit = 0; static int is_tty; static hive_h *h = NULL; @@ -840,7 +842,7 @@ cmd_setval (char *nrvals_str) "setval", "nrvals", "xstrtol", xerr); return -1; } - if (nrvals < 0 || nrvals > 1000) { + if (nrvals < 0 || nrvals > HIVEX_MAX_VALUES) { fprintf (stderr, _("%s: %s: integer out of range\n"), "setval", "nrvals"); return -1; -- 1.6.5.2