oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

kcm,kdc/config.c: detect too big max_request sizes (>= 64 MB)

Browse Source
This commit is contained in:
Robert Manner
2023-01-11 16:02:23 +01:00
committed by Nico Williams
parent 65e5b0ab79
commit 56d97563f0
2 changed files with 27 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
kcm/config.c
View File

@@ -36,6 +36,8 @@
#include <getarg.h>
#include <parse_bytes.h>
#define MAX_REQUEST_MAX 67108864ll /* 64MB, the maximum accepted value of max_request */
static const char *config_file; /* location of kcm config file */
size_t max_request = 0; /* maximal size of a request */
@@ -360,13 +362,16 @@ kcm_configure(int argc, char **argv)
}
if (max_request_str) {
ssize_t bytes;
int64_t bytes;
if ((bytes = parse_bytes(max_request_str, NULL)) < 0)
krb5_errx(kcm_context, 1,
"--max-request size must be non-negative");
if (bytes > MAX_REQUEST_MAX)
krb5_errx(kcm_context, 1, "--max-request size is too big "
"(must be smaller than %lld)", MAX_REQUEST_MAX);
max_request = bytes;
max_request = bytes;
}
if(max_request == 0){
@@ -376,11 +381,15 @@ kcm_configure(int argc, char **argv)
"max-request",
NULL);
if (p) {
ssize_t bytes;
int64_t bytes;
if ((bytes = parse_bytes(max_request_str, NULL)) < 0)
krb5_errx(kcm_context, 1,
"[kcm] max-request size must be non-negative");
if (bytes > MAX_REQUEST_MAX)
krb5_errx(kcm_context, 1, "[kcm] max-request size is too big "
"(must be smaller than %lld)", MAX_REQUEST_MAX);
max_request = bytes;
}
}