mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-23 10:29:58 +01:00
gpg: Set a limit for a WKD import of 256 KiB.
* g10/call-dirmngr.c (MAX_WKD_RESULT_LENGTH): New. (gpg_dirmngr_wkd_get): Use it. -- WKD should return only a single key with just one UID. For key rollover 2 keys may be send. A total of 256 KiB seems to be a generous limit here. Signed-off-by: Werner Koch <wk@gnupg.org> (cherry picked from commit e88f56f1937ac92f6a3b94e50b6db2649ec0be41)
This commit is contained in:
parent
8a98aa25bb
commit
f1c0d9bb65
@ -41,6 +41,12 @@
|
||||
#include "call-dirmngr.h"
|
||||
|
||||
|
||||
/* Keys retrieved from the web key directory should be small. There
|
||||
* is only one UID and we can expect that the number of subkeys is
|
||||
* reasonable. So we set a generous limit of 256 KiB. */
|
||||
#define MAX_WKD_RESULT_LENGTH (256 * 1024)
|
||||
|
||||
|
||||
/* Parameter structure used to gather status info. Note that it is
|
||||
* also used for WKD requests. */
|
||||
struct ks_status_parm_s
|
||||
@ -1365,7 +1371,7 @@ gpg_dirmngr_wkd_get (ctrl_t ctrl, const char *name, int quick,
|
||||
goto leave;
|
||||
}
|
||||
|
||||
parm.memfp = es_fopenmem (0, "rwb");
|
||||
parm.memfp = es_fopenmem (MAX_WKD_RESULT_LENGTH, "rwb");
|
||||
if (!parm.memfp)
|
||||
{
|
||||
err = gpg_error_from_syserror ();
|
||||
@ -1373,6 +1379,8 @@ gpg_dirmngr_wkd_get (ctrl_t ctrl, const char *name, int quick,
|
||||
}
|
||||
err = assuan_transact (ctx, line, dns_cert_data_cb, &parm,
|
||||
NULL, NULL, ks_status_cb, &stparm);
|
||||
if (gpg_err_code (err) == GPG_ERR_ENOSPC)
|
||||
err = gpg_error (GPG_ERR_TOO_LARGE);
|
||||
if (err)
|
||||
goto leave;
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user