Mercurial > hg > webserver / file diff

--- a/src/server/util/pool.c	Tue Aug 13 22:14:32 2019 +0200
+++ b/src/server/util/pool.c	Sat Sep 24 16:26:10 2022 +0200
@@ -65,6 +65,7 @@
 
 #include <stdlib.h>
 #include <string.h>
+#include <limits.h>
 //define PERM_MALLOC   malloc
 //define PERM_FREE     free
 //define PERM_REALLOC  realloc
@@ -91,6 +92,8 @@
     return 0;
 }
 
+#define POOL_MIN_BLOCKSIZE 128
+
 NSAPI_PUBLIC int
 pool_init(pblock *pb, Session *sn, Request *rq)
 {
@@ -101,11 +104,22 @@
     int n;
 
     //printf("standard block size: %d\n", pool_config.block_size);
-
+    
     if (str_block_size != NULL) {
-        n = atoi(str_block_size);
-        if (n > 0)
-            pool_config.block_size = n;
+        int64_t value;
+        if(!util_strtoint(str_block_size, &value)) {
+            log_ereport(LOG_MISCONFIG, "pool-init: param 'block-size' is not an integer");
+            return REQ_ABORTED;
+        }
+        if(value > INT_MAX) {
+            log_ereport(LOG_MISCONFIG, "pool-init: block-size is too big");
+            return REQ_ABORTED;
+        }
+        if(value < POOL_MIN_BLOCKSIZE) {
+            log_ereport(LOG_MISCONFIG, "pool-init: block-size is too small");
+            return REQ_ABORTED;
+        }
+        pool_config.block_size = value;
     }
 
     if (str_pool_disable && util_getboolean(str_pool_disable, PR_TRUE)) {