serialization: check max size of serialized file

author sanghyeok.oh <sanghyeok.oh@samsung.com>

Thu, 28 Mar 2019 06:11:16 +0000 (15:11 +0900)

committer sanghyeok.oh <sanghyeok.oh@samsung.com>

Fri, 29 Mar 2019 02:38:13 +0000 (11:38 +0900)
author sanghyeok.oh <sanghyeok.oh@samsung.com>
Thu, 28 Mar 2019 06:11:16 +0000 (15:11 +0900)
committer sanghyeok.oh <sanghyeok.oh@samsung.com>
Fri, 29 Mar 2019 02:38:13 +0000 (11:38 +0900)
diff --git a/src/internal/storage_backend_serialized.cpp b/src/internal/storage_backend_serialized.cpp

index 1f4ad78..551c620 100644 (file)
--- a/src/internal/storage_backend_serialized.cpp
+++ b/src/internal/storage_backend_serialized.cpp
@@ -36,6 +36,10 @@ using namespace FB;
  
  namespace ldp_serialized {
  
+// Set max size of serialized file to prevent mmap with unexpected memory size.
+// 1MB. Adjustable
+#define MAX_SFILE_SIZE (1024 * 1024)
+
  template <typename T>
  struct type_helper;
  
@@ -115,6 +119,10 @@ bool StorageBackendSerialized::StorageBackendSerializedImpl::init(const char *fi
                 return err("stat");
  
         length = buf.st_size;
+       if (length > MAX_SFILE_SIZE) {
+               tslog::log("Serialized file size(", length, ") is too large. (>", MAX_SFILE_SIZE, ") bytes.\n");
+               return false;
+       }
  
         mem = reinterpret_cast<uint8_t*>(mmap(NULL, length, PROT_READ, MAP_PRIVATE, fd, 0));
         if (MAP_FAILED == mem)
author	sanghyeok.oh <sanghyeok.oh@samsung.com>
	Thu, 28 Mar 2019 06:11:16 +0000 (15:11 +0900)
committer	sanghyeok.oh <sanghyeok.oh@samsung.com>
	Fri, 29 Mar 2019 02:38:13 +0000 (11:38 +0900)