From fb8e7dbd1b711d25d1033c3f5f540ce47f6c0849 Mon Sep 17 00:00:00 2001
From: Eric Wong <e@yhbt.net>
Date: Mon, 20 Apr 2020 22:55:37 +0000
Subject: index: support --max-size / publicinbox.indexMaxSize

In normal mail paths, we can rely on MTAs being configured with
reasonable limits in the -watch and -mda mail injection paths.

However, the MTA is bypassed in a git-only delivery path, a BOFH
could inject a large message and DoS users attempting to mirror
a public-inbox.

This doesn't protect unindexed WWW interfaces from Email::MIME
memory explosions on v1 inboxes.  Probably nobody cares about
unindexed WWW interfaces anymore, especially now that Xapian is
optional for indexing.
---
 lib/PublicInbox/Admin.pm | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'lib/PublicInbox/Admin.pm')

diff --git a/lib/PublicInbox/Admin.pm b/lib/PublicInbox/Admin.pm
index 60f4f40d..62ddbe82 100644
--- a/lib/PublicInbox/Admin.pm
+++ b/lib/PublicInbox/Admin.pm
@@ -234,4 +234,15 @@ sub progress_prepare ($) {
 	}
 }
 
+# same unit factors as git:
+sub parse_unsigned ($) {
+	my ($max_size) = @_;
+
+	$$max_size =~ /\A([0-9]+)([kmg])?\z/i or return;
+	my ($n, $unit_factor) = ($1, $2 // '');
+	my %u = ( k => 1024, m => 1024**2, g => 1024**3 );
+	$$max_size = $n * ($u{lc($unit_factor)} // 1);
+	1;
+}
+
 1;
-- 
cgit v1.2.3-24-ge0c7