whois: limit total length of response to 32+2 kb

function                                             old     new   delta
query                                                517     554     +37

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

diff --git a/networking/whois.c b/networking/whois.c
index 55e1de964b6f0632a3a83a60d0c6f3076b1fa483..caa71ac5125a61d0929fb8897549cf6f226523d9 100644 (file)
--- a/networking/whois.c
+++ b/networking/whois.c
@@ -53,7 +53,9 @@ static char *query(const char *host, int port, const char *domain)
        fp = xfdopen_for_read(fd);
 
        success = 0;
-       while (fgets(linebuf, sizeof(linebuf)-1, fp)) {
+       while (bufpos < 32*1024 /* paranoia */
+        && fgets(linebuf, sizeof(linebuf)-1, fp)
+       ) {
                unsigned len;
 
                len = strcspn(linebuf, "\r\n");