-/* $OpenBSD: extern.h,v 1.194 2023/11/16 11:10:59 tb Exp $ */
+/* $OpenBSD: extern.h,v 1.195 2023/11/24 14:05:47 job Exp $ */
/*
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
*
/* Maximum acceptable URI length */
#define MAX_URI_LENGTH 2048
-/* Maximum acceptable file size */
+/* Min/Max acceptable file size */
+#define MIN_FILE_SIZE 100
#define MAX_FILE_SIZE 4000000
/* Maximum number of FileNameAndHash entries per RSC checklist. */
-/* $OpenBSD: rrdp_util.c,v 1.1 2021/11/24 15:24:16 claudio Exp $ */
+/* $OpenBSD: rrdp_util.c,v 1.2 2023/11/24 14:05:47 job Exp $ */
/*
* Copyright (c) 2020 Nils Fisher <nils_fisher@hotmail.com>
* Copyright (c) 2021 Claudio Jeker <claudio@openbsd.org>
unsigned char *data = NULL;
size_t datasz = 0;
- if (pxml->data_length > 0)
+ switch (pxml->type) {
+ case PUB_ADD:
+ case PUB_UPD:
+ if (base64_decode_len(pxml->data_length, &datasz) == -1)
+ return -1;
+ if (datasz < MIN_FILE_SIZE)
+ return -1;
if ((base64_decode(pxml->data, pxml->data_length,
&data, &datasz)) == -1)
return -1;
+ break;
+ case PUB_DEL:
+ if (pxml->data_length != 0)
+ return -1;
+ break;
+ }
rrdp_publish_file(s, pxml, data, datasz);
-/* $OpenBSD: rsync.c,v 1.47 2023/11/23 13:01:15 job Exp $ */
+/* $OpenBSD: rsync.c,v 1.48 2023/11/24 14:05:47 job Exp $ */
/*
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
*
args[i++] = (char *)prog;
args[i++] = "-rtO";
args[i++] = "--no-motd";
+ args[i++] = "--min-size=" STRINGIFY(MIN_FILE_SIZE);
args[i++] = "--max-size=" STRINGIFY(MAX_FILE_SIZE);
args[i++] = "--contimeout=" STRINGIFY(MAX_CONN_TIMEOUT);
args[i++] = "--timeout=" STRINGIFY(MAX_IO_TIMEOUT);
projects / openbsd / commitdiff