commit 7d499e344db4a9bbb6e3dedeea74769f32f966b2
parent ae5a8145089e0e67179cfeae202685a6b15d351e
Author: Christian Grothoff <christian@grothoff.org>
Date: Sun, 31 May 2026 11:24:21 +0200
limit responses to GNUNET_MAX_MALLOC_CHECKED
Diffstat:
3 files changed, 32 insertions(+), 20 deletions(-)
diff --git a/src/backend/paivana-httpd.c b/src/backend/paivana-httpd.c
@@ -103,6 +103,11 @@ do_shutdown (void *cls)
GNUNET_free (PH_target_server_unixpath);
GNUNET_free (PH_merchant_base_url);
GNUNET_free (PH_base_url);
+ if (PH_have_whitelist_ex)
+ {
+ regfree (&PH_whitelist_ex);
+ PH_have_whitelist_ex = false;
+ }
if (NULL != PH_ctx)
{
GNUNET_CURL_fini (PH_ctx);
@@ -249,16 +254,16 @@ run (void *cls,
&whitelist))
{
if (0 != regcomp (&PH_whitelist_ex,
- whitelist,
- REG_NOSUB | REG_EXTENDED))
+ whitelist,
+ REG_NOSUB | REG_EXTENDED))
{
- GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
- "paivana",
- "WHITELIST",
- "Invalid regular expression");
- GNUNET_free (whitelist);
- GNUNET_SCHEDULER_shutdown ();
- return;
+ GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
+ "paivana",
+ "WHITELIST",
+ "Invalid regular expression");
+ GNUNET_free (whitelist);
+ GNUNET_SCHEDULER_shutdown ();
+ return;
}
PH_have_whitelist_ex = true;
GNUNET_free (whitelist);
diff --git a/src/backend/paivana-httpd_reverse.c b/src/backend/paivana-httpd_reverse.c
@@ -675,6 +675,7 @@ curl_download_cb (void *cls,
{
hr->response = MHD_create_response_from_buffer_copy (body_size,
body);
+ GNUNET_assert (NULL != hr->response);
hr->response_code = response_code;
for (struct HttpResponseHeader *header = hr->header_head;
NULL != header;
@@ -1043,6 +1044,7 @@ buffer_upload_chunk (struct HttpRequest *hr,
min_size = ((uint64_t) hr->io_len) + ((uint64_t) upload_data_size);
if ( (min_size < hr->io_len /* integer overflow */) ||
(min_size > PH_request_buffer_max /* overflows config limit */) ||
+ (min_size > GNUNET_MAX_MALLOC_CHECKED) ||
(min_size > UINT_MAX /* would overflow later */) )
{
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
@@ -1053,10 +1055,12 @@ buffer_upload_chunk (struct HttpRequest *hr,
{
unsigned int new_size;
- new_size = GNUNET_MAX (
- GNUNET_MIN (hr->io_size * 2 + 1024,
- UINT_MAX),
- min_size);
+ new_size = GNUNET_MIN (
+ GNUNET_MAX_MALLOC_CHECKED,
+ GNUNET_MAX (
+ GNUNET_MIN (hr->io_size * 2 + 1024,
+ UINT_MAX),
+ min_size));
GNUNET_assert (new_size > hr->io_size);
GNUNET_array_grow (hr->io_buf,
hr->io_size,
@@ -1331,10 +1335,10 @@ start_curl_request (struct HttpRequest *hr,
* If not needed, one of the following values will be
* ignored.*/
curl_easy_setopt (hr->curl,
- CURLOPT_POSTFIELDSIZE,
+ CURLOPT_POSTFIELDSIZE_LARGE,
hr->io_len);
curl_easy_setopt (hr->curl,
- CURLOPT_INFILESIZE,
+ CURLOPT_INFILESIZE_LARGE,
hr->io_len);
curl_easy_setopt (hr->curl,
CURLOPT_HEADERFUNCTION,
diff --git a/src/backend/paivana-httpd_templates.c b/src/backend/paivana-httpd_templates.c
@@ -341,11 +341,14 @@ load_paywall (struct MHD_Connection *conn,
uri = make_taler_pay_template_uri (PH_merchant_base_url,
t->template_id);
- GNUNET_assert (MHD_YES ==
- MHD_add_response_header (reply,
- "Paivana",
- uri));
- GNUNET_free (uri);
+ if (NULL != uri)
+ {
+ GNUNET_assert (MHD_YES ==
+ MHD_add_response_header (reply,
+ "Paivana",
+ uri));
+ GNUNET_free (uri);
+ }
}
{
