diff options
author | Michael Vogt <mvo@debian.org> | 2014-08-26 19:08:37 -0700 |
---|---|---|
committer | Michael Vogt <mvo@debian.org> | 2014-08-26 19:08:37 -0700 |
commit | dcd5856b11c685ca6d4629212d2978ce196ea65c (patch) | |
tree | 932d7934b144353010d85eff5eb76324b39554c4 /methods/http.cc | |
parent | 80624be7c54aec6ed98ee254366155024fca1a71 (diff) |
Pass ExpectedSize to tthe backend method
This ensures that we can stop downloading if the server send
too much data by accident (or by a malicious attempt)
Diffstat (limited to 'methods/http.cc')
-rw-r--r-- | methods/http.cc | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/methods/http.cc b/methods/http.cc index c734d3799..916fa464f 100644 --- a/methods/http.cc +++ b/methods/http.cc @@ -63,7 +63,8 @@ const unsigned int CircleBuf::BW_HZ=10; // CircleBuf::CircleBuf - Circular input buffer /*{{{*/ // --------------------------------------------------------------------- /* */ -CircleBuf::CircleBuf(unsigned long long Size) : Size(Size), Hash(0) +CircleBuf::CircleBuf(unsigned long long Size) + : Size(Size), Hash(0), TotalWriten(0) { Buf = new unsigned char[Size]; Reset(); @@ -79,6 +80,7 @@ void CircleBuf::Reset() InP = 0; OutP = 0; StrPos = 0; + TotalWriten = 0; MaxGet = (unsigned long long)-1; OutQueue = string(); if (Hash != 0) @@ -216,6 +218,8 @@ bool CircleBuf::Write(int Fd) return false; } + + TotalWriten += Res; if (Hash != 0) Hash->Add(Buf + (OutP%Size),Res); @@ -649,6 +653,10 @@ bool HttpServerState::Go(bool ToFile, FileFd * const File) return _error->Errno("write",_("Error writing to output file")); } + if (ExpectedSize > 0 && In.TotalWriten > ExpectedSize) + return _error->Error("Writing more data than expected (%llu > %llu)", + In.TotalWriten, ExpectedSize); + // Handle commands from APT if (FD_ISSET(STDIN_FILENO,&rfds)) { |