diff options
author | Denys Vlasenko <vda.linux@googlemail.com> | 2019-12-03 14:52:17 +0100 |
---|---|---|
committer | Denys Vlasenko <vda.linux@googlemail.com> | 2019-12-03 14:52:17 +0100 |
commit | 9ec836c033fc6e55e80f3309b3e05acdf09bb297 (patch) | |
tree | e6663a58c0b03d903a270c8d4c7c9a9e6b0c428e /networking | |
parent | 356f23de20b48382f5a2c5db29dc4f6dc9d10289 (diff) |
whois: limit total length of response to 32+2 kb
function old new delta
query 517 554 +37
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'networking')
-rw-r--r-- | networking/whois.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/networking/whois.c b/networking/whois.c index 55e1de964..caa71ac51 100644 --- a/networking/whois.c +++ b/networking/whois.c @@ -53,7 +53,9 @@ static char *query(const char *host, int port, const char *domain) fp = xfdopen_for_read(fd); success = 0; - while (fgets(linebuf, sizeof(linebuf)-1, fp)) { + while (bufpos < 32*1024 /* paranoia */ + && fgets(linebuf, sizeof(linebuf)-1, fp) + ) { unsigned len; len = strcspn(linebuf, "\r\n"); |