[git commit] whois: limit total length of response to 32+2 kb

Denys Vlasenko vda.linux at googlemail.com
Tue Dec 3 13:52:17 UTC 2019


commit: https://git.busybox.net/busybox/commit/?id=9ec836c033fc6e55e80f3309b3e05acdf09bb297
branch: https://git.busybox.net/busybox/commit/?id=refs/heads/master

function                                             old     new   delta
query                                                517     554     +37

Signed-off-by: Denys Vlasenko <vda.linux at googlemail.com>
---
 networking/whois.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/networking/whois.c b/networking/whois.c
index 55e1de964..caa71ac51 100644
--- a/networking/whois.c
+++ b/networking/whois.c
@@ -53,7 +53,9 @@ static char *query(const char *host, int port, const char *domain)
 	fp = xfdopen_for_read(fd);
 
 	success = 0;
-	while (fgets(linebuf, sizeof(linebuf)-1, fp)) {
+	while (bufpos < 32*1024 /* paranoia */
+	 && fgets(linebuf, sizeof(linebuf)-1, fp)
+	) {
 		unsigned len;
 
 		len = strcspn(linebuf, "\r\n");


More information about the busybox-cvs mailing list