author | Konstantin Ryabitsev <konstantin@linuxfoundation.org> | 2020-08-11 17:02:04 -0400 |
---|---|---|
committer | Konstantin Ryabitsev <konstantin@linuxfoundation.org> | 2020-08-11 17:02:04 -0400 |
commit | 1b16136e1e040a6adda3085f18ea189e16b2d55d (patch) | |
tree | 3bd84b5e1550481cf990c44d15af201639e577f0 | |
parent | e3e0aad543035eeb7f6c2cc12e981894c5d441f5 (diff) | |
download | grokmirror-1b16136e1e040a6adda3085f18ea189e16b2d55d.tar.gz |
Add some proj/repo length sanity checks
Since we'll be feeding this to a listener socket, apply some sanity
limits on the length of the repo.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
-rw-r--r-- | contrib/pubsubv1.py | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/contrib/pubsubv1.py b/contrib/pubsubv1.py index 808ef4b..9de8696 100644 --- a/contrib/pubsubv1.py +++ b/contrib/pubsubv1.py @@ -29,6 +29,9 @@ import socket from configparser import ConfigParser, ExtendedInterpolation +# Some sanity defaults +MAX_PROJ_LEN = 32 +MAX_REPO_LEN = 1024 # noinspection PyBroadException class PubsubListener(object): @@ -64,6 +67,11 @@ class PubsubListener(object): resp.body = 'Invalid characters in project name\n' return + if len(proj) > MAX_PROJ_LEN or len(repo) > MAX_REPO_LEN: + resp.status = falcon.HTTP_500 + resp.body = 'Repo or project value too long\n' + return + confdir = os.environ.get('GROKMIRROR_CONFIG_DIR', '/etc/grokmirror') cfgfile = os.path.join(confdir, '{}.conf'.format(proj)) if not os.access(cfgfile, os.R_OK): |
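Review bot: The new length check in the second hunk answers with `falcon.HTTP_500`, although an over-long `proj` or `repo` is a client error; `resp.status = falcon.HTTP_400` would keep rejected requests out of server-error monitoring and tell the caller that the request itself was refused. The preceding invalid-character check sets its status outside the hunk, so it may use the same code and deserve the same change. `len()` counts characters rather than bytes, so if the limit on the listener socket is byte-based, comparing `len(repo.encode())` against `MAX_REPO_LEN` would be the tighter bound. The handler starts and ends outside the hunk, so it is not visible here whether `repo` is also restricted to an expected character set (no newlines or control characters) before it is written to the socket; if it is not, that check belongs next to this one.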