When compared to manifest FileAndHash, the RSC code doesn't limit the
size of the FileNameAndHash list. Should we do this for consistency?
The situation is of course not quite the same since we're in -f mode.
However, we do impose limits on the sizes of other resources, so it
looks like a missing check.
Index: extern.h
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/extern.h,v
retrieving revision 1.140
diff -u -p -r1.140 extern.h
--- extern.h 31 May 2022 18:41:43 -0000 1.140
+++ extern.h 31 May 2022 20:35:41 -0000
@@ -700,6 +700,9 @@ int mkpathat(int, const char *);
/* Maximum acceptable file size */
#define MAX_FILE_SIZE 4000000
+
+/* Maximum number of FileNameAndHash entries per RSC checklist. */
+#define MAX_CHECKLIST_ENTRIES 100000
/* Maximum number of FileAndHash entries per manifest. */
#define MAX_MANIFEST_ENTRIES 100000
Index: mft.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/mft.c,v
retrieving revision 1.69
diff -u -p -r1.69 mft.c
--- mft.c 31 May 2022 18:51:35 -0000 1.69
+++ mft.c 1 Jun 2022 06:34:39 -0000
@@ -323,7 +323,7 @@ mft_parse_econtent(const unsigned char *
goto out;
}
- if (sk_FileAndHash_num(mft->fileList) > MAX_MANIFEST_ENTRIES) {
+ if (sk_FileAndHash_num(mft->fileList) >= MAX_MANIFEST_ENTRIES) {
warnx("%s: %d exceeds manifest entry limit (%d)", p->fn,
sk_FileAndHash_num(mft->fileList), MAX_MANIFEST_ENTRIES);
goto out;
Index: rsc.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/rsc.c,v
retrieving revision 1.7
diff -u -p -r1.7 rsc.c
--- rsc.c 31 May 2022 18:51:35 -0000 1.7
+++ rsc.c 1 Jun 2022 06:36:15 -0000
@@ -279,6 +279,12 @@ rsc_parse_checklist(struct parse *p, con
return 0;
}
+ if (sz >= MAX_CHECKLIST_ENTRIES) {
+ warnx("%s: %zu exceeds checklist entry limit (%d)", p->fn, sz,
+ MAX_CHECKLIST_ENTRIES);
+ return 0;
+ }
+
p->res->files = calloc(sz, sizeof(struct rscfile));
if (p->res->files == NULL)
err(1, NULL);
