From 5a544d0d7a549a68b85e8410ecdc390b30390dd9 Mon Sep 17 00:00:00 2001 From: christopherm Date: Thu, 14 Aug 2008 17:31:44 +0000 Subject: CONTENT_LENGTH is a user supplied variable. Without any checks for size, one could easily DoS the machine with very large POSTS. Commiting changes made to /trunk/ in /branches/1.2/ git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/branches/1.2@2265 4979c152-3d1c-0410-bac9-87ea11338e46 --- LedgerSMB/Form.pm | 5 +++++ admin.pl | 7 ++++++- ledgersmb.conf.default | 3 +++ 3 files changed, 14 insertions(+), 1 deletion(-) diff --git a/LedgerSMB/Form.pm b/LedgerSMB/Form.pm index 6cb65964..e37de58a 100755 --- a/LedgerSMB/Form.pm +++ b/LedgerSMB/Form.pm @@ -52,6 +52,11 @@ sub new { my $argstr = shift; + if ($ENV{CONTENT_LENGTH} > $LedgerSMB::Sysconfig::max_post_size) { + print "Status: 413\n Request entity too large\n\n"; + die "Error: Request entity too large\n"; + } + read( STDIN, $_, $ENV{CONTENT_LENGTH} ); if ($argstr) { diff --git a/admin.pl b/admin.pl index c4ae2d48..9cf121f8 100755 --- a/admin.pl +++ b/admin.pl @@ -53,7 +53,12 @@ require "common.pl"; $| = 1; -if ( $ENV{CONTENT_LENGTH} ) { +if ( $ENV{CONTENT_LENGTH} > $LedgerSMB::Sysconfig::max_post_size ) { + print "Status: 413\n Request entity too large\n\n"; + die "Error: Request entity too large\n"; +} + +if ( $ENV{CONTENT_LENGTH} > 0 ) { read( STDIN, $_, $ENV{CONTENT_LENGTH} ); } diff --git a/ledgersmb.conf.default b/ledgersmb.conf.default index 6b45ce44..482f7f65 100644 --- a/ledgersmb.conf.default +++ b/ledgersmb.conf.default @@ -10,6 +10,9 @@ latex : 1 # Maximum number of invoices that can be printed on a cheque check_max_invoices : 5 +# Maximum POST size to prevent DoS (4MB default) +max_post_size : 4194304 + [environment] # If the server can't find applications, append to the path PATH: /usr/local/pgsql/bin -- cgit v1.2.3