From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date: Wed, 5 Dec 2018 21:52:53 +0000 (+0100)
Subject: journald: lower the maximum entry size limit to ½ for non-sealed fds
X-Git-Tag: v241-rc1~98^2~3
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=6670c9de196c8e2d5e84a8890cbb68f70c4db6e3;p=thirdparty%2Fsystemd.git

journald: lower the maximum entry size limit to ½ for non-sealed fds

We immediately read the whole contents into memory, making thigs much more
expensive. Sealed fds should be used instead since they are more efficient
on our side.
---

diff --git a/src/journal/journald-native.c b/src/journal/journald-native.c
index 50aad6d134e..221188db166 100644
--- a/src/journal/journald-native.c
+++ b/src/journal/journald-native.c
@@ -376,8 +376,10 @@ void server_process_native_file(
         if (st.st_size <= 0)
                 return;
 
-        if (st.st_size > ENTRY_SIZE_MAX) {
-                log_error("File passed too large. Ignoring.");
+        /* When !sealed, set a lower memory limit. We have to read the file,
+         * effectively doubling memory use. */
+        if (st.st_size > ENTRY_SIZE_MAX / (sealed ? 1 : 2)) {
+                log_error("File passed too large (%"PRIu64" bytes). Ignoring.", (uint64_t) st.st_size);
                 return;
         }