index: support --max-size / publicinbox.indexMaxSize

In normal mail paths, we can rely on MTAs being configured with reasonable limits in the -watch and -mda mail injection paths. However, the MTA is bypassed in a git-only delivery path, a BOFH could inject a large message and DoS users attempting to mirror a public-inbox. This doesn't protect unindexed WWW interfaces from Email::MIME memory explosions on v1 inboxes. Probably nobody cares about unindexed WWW interfaces anymore, especially now that Xapian is optional for indexing.
author: Eric Wong <e@yhbt.net> 2020-04-20 22:55:37 +0000
committer: Eric Wong <e@yhbt.net> 2020-04-21 20:13:47 +0000
commit: fb8e7dbd1b711d25d1033c3f5f540ce47f6c0849 (patch)
tree: 9560834162cdb04fbc95d5bc0bac3669cd9eaea5 /lib/PublicInbox/Admin.pm
parent: e700c37c0186915253d639462cfa403fd9fc964f (diff)
download: public-inbox-fb8e7dbd1b711d25d1033c3f5f540ce47f6c0849.tar.gz
1 files changed, 11 insertions, 0 deletions
diff --git a/lib/PublicInbox/Admin.pm b/lib/PublicInbox/Admin.pm
index 60f4f40d..62ddbe82 100644
--- a/lib/PublicInbox/Admin.pm
+++ b/lib/PublicInbox/Admin.pm
@@ -234,4 +234,15 @@ sub progress_prepare ($) {
          }
  }
  
+# same unit factors as git:
+sub parse_unsigned ($) {
+        my ($max_size) = @_;
+
+        $$max_size =~ /\A([0-9]+)([kmg])?\z/i or return;
+        my ($n, $unit_factor) = ($1, $2 // '');
+        my %u = ( k => 1024, m => 1024**2, g => 1024**3 );
+        $$max_size = $n * ($u{lc($unit_factor)} // 1);
+        1;
+}
+
  1;
author	Eric Wong <e@yhbt.net>	2020-04-20 22:55:37 +0000
committer	Eric Wong <e@yhbt.net>	2020-04-21 20:13:47 +0000
commit	fb8e7dbd1b711d25d1033c3f5f540ce47f6c0849 (patch)
tree	9560834162cdb04fbc95d5bc0bac3669cd9eaea5 /lib/PublicInbox/Admin.pm
parent	e700c37c0186915253d639462cfa403fd9fc964f (diff)
download	public-inbox-fb8e7dbd1b711d25d1033c3f5f540ce47f6c0849.tar.gz