lib/Odin.pm, mason/pastebin/dhandler: Apply a size limit on pastes.

[odin-cgi] / lib / Odin.pm

diff --git a/lib/Odin.pm b/lib/Odin.pm
index 551c51f..26a2f80 100644 (file)
--- a/lib/Odin.pm
+++ b/lib/Odin.pm
@@ -33,6 +33,8 @@ our @URLPAT = (
   qr{^https?://}
 );
 
+our $PASTEMAXLEN = 1024*1024;
+
 our %COOKIE_DEFAULTS = (
   -httponly => undef,
   -max_age => 3600
@@ -427,6 +429,8 @@ sub tidy_pastebin_content ($) {
   return undef unless defined $content;
   $content =~ tr/\r//d;
   $content =~ s/([^\n])\z/$1\n/;
+  length $content <= $PASTEMAXLEN or
+    fail "invalid paste content", ".badpaste";
   return $content;
 }