chiark / gitweb /
~mdw / odin-cgi / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
lib/Odin.pm, mason/pastebin/dhandler: Apply a size limit on pastes.
[odin-cgi] / lib / Odin.pm
diff --git a/lib/Odin.pm b/lib/Odin.pm
index 551c51f0e83cc7248baa176513a8df201c1af71b..26a2f800e7fb07084da7bd66dad0eb630c138812 100644 (file)
--- a/lib/Odin.pm
+++ b/lib/Odin.pm
@@ -33,6 +33,8 @@ our @URLPAT = (
   qr{^https?://}
 );
 
   qr{^https?://}
 );
 
+our $PASTEMAXLEN = 1024*1024;
+
 our %COOKIE_DEFAULTS = (
   -httponly => undef,
   -max_age => 3600
 our %COOKIE_DEFAULTS = (
   -httponly => undef,
   -max_age => 3600
@@ -427,6 +429,8 @@ sub tidy_pastebin_content ($) {
   return undef unless defined $content;
   $content =~ tr/\r//d;
   $content =~ s/([^\n])\z/$1\n/;
   return undef unless defined $content;
   $content =~ tr/\r//d;
   $content =~ s/([^\n])\z/$1\n/;
+  length $content <= $PASTEMAXLEN or
+    fail "invalid paste content", ".badpaste";
   return $content;
 }
 
   return $content;
 }
 
CGI scripts for odin.gg services