diff options
| author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2020-01-03 14:11:52 +0000 |
|---|---|---|
| committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2020-01-03 14:11:52 +0000 |
| commit | 70116523047683084cac89b619419b12a802906f (patch) | |
| tree | 8c7b7c1b327421c2271f7650c237be5862366106 /src/lua | |
| parent | b597f5c16bd348e8a9083bbbb84f3dd3a69c4eba (diff) | |
| download | rspamd-70116523047683084cac89b619419b12a802906f.tar.gz rspamd-70116523047683084cac89b619419b12a802906f.zip | |
[Project] Lua_util: Allow to set size limit for gzip decompress
Diffstat (limited to 'src/lua')
| -rw-r--r-- | src/lua/lua_util.c | 23 |
1 files changed, 20 insertions, 3 deletions
diff --git a/src/lua/lua_util.c b/src/lua/lua_util.c index 3a3561e2f..e04f82160 100644 --- a/src/lua/lua_util.c +++ b/src/lua/lua_util.c @@ -383,10 +383,11 @@ LUA_FUNCTION_DEF (util, zstd_compress); LUA_FUNCTION_DEF (util, zstd_decompress); /*** - * @function util.gzip_decompress(data) + * @function util.gzip_decompress(data, [size_limit]) * Decompresses input using gzip algorithm * * @param {string/rspamd_text} data compressed data + * @param {integer} size_limit optional size limit * @return {error,rspamd_text} pair of error + decompressed text */ LUA_FUNCTION_DEF (util, gzip_decompress); @@ -2327,6 +2328,7 @@ lua_util_gzip_decompress (lua_State *L) gint rc; guchar *p; gsize remain; + gssize size_limit = -1; if (lua_type (L, 1) == LUA_TSTRING) { t = &tmp; @@ -2341,6 +2343,10 @@ lua_util_gzip_decompress (lua_State *L) return luaL_error (L, "invalid arguments"); } + if (lua_type (L, 2) == LUA_TNUMBER) { + size_limit = lua_tointeger (L, 2); + } + sz = t->len; memset (&strm, 0, sizeof (strm)); @@ -2385,10 +2391,21 @@ lua_util_gzip_decompress (lua_State *L) res->len = strm.total_out; if (strm.avail_out == 0 && strm.avail_in != 0) { + + if (size_limit > 0 || res->len >= G_MAXUINT32 / 2) { + if (res->len > size_limit || res->len >= G_MAXUINT32 / 2) { + lua_pop (L, 1); /* Text will be freed here */ + lua_pushnil (L); + inflateEnd (&strm); + + return 1; + } + } + /* Need to allocate more */ remain = res->len; - res->start = g_realloc ((gpointer)res->start, strm.avail_in + sz); - sz = strm.avail_in + sz; + res->start = g_realloc ((gpointer)res->start, res->len * 2); + sz = res->len * 2; p = (guchar *)res->start + remain; remain = sz - remain; } |