commit 270c41a2b8c0d37d0ea9710a656369efa551dfcd
from: Omar Polo <op@omarpolo.com>
date: Thu Dec 01 08:39:20 2022 UTC

gotwebd: provide maximum value for the description and cloneurl

ok stsp@

commit - b5e1b8cdfc1252ab2430c1e9fabc09d393dd1373
commit + 270c41a2b8c0d37d0ea9710a656369efa551dfcd
blob - 6991dbcb9481482215de315ffb2caf894bad5350
blob + 9a3abd68641ab30d610ded5824470cdc62015474
--- gotwebd/gotweb.c
+++ gotwebd/gotweb.c
@@ -2510,8 +2510,8 @@ gotweb_get_repo_description(char **description, struct
 	}
 
 	len = sb.st_size;
-	if (len > SIZE_MAX - 1)
-		len = SIZE_MAX - 1;
+	if (len > GOTWEBD_MAXDESCRSZ - 1)
+		len = GOTWEBD_MAXDESCRSZ - 1;
 
 	*description = calloc(len + 1, sizeof(**description));
 	if (*description == NULL) {
@@ -2556,8 +2556,8 @@ gotweb_get_clone_url(char **url, struct server *srv, c
 	}
 
 	len = sb.st_size;
-	if (len > SIZE_MAX - 1)
-		len = SIZE_MAX - 1;
+	if (len > GOTWEBD_MAXCLONEURLSZ - 1)
+		len = GOTWEBD_MAXCLONEURLSZ - 1;
 
 	*url = calloc(len + 1, sizeof(**url));
 	if (*url == NULL) {
blob - 0a9217f7fb5cc2256686d1d01c59b69e5f96d4ad
blob + 14426b3f4ad9787e7876dc233211e8fb8875cab6
--- gotwebd/gotwebd.h
+++ gotwebd/gotwebd.h
@@ -39,6 +39,8 @@
 
 #define GOTWEBD_USER		 "www"
 
+#define GOTWEBD_MAXDESCRSZ	 1024
+#define GOTWEBD_MAXCLONEURLSZ	 1024
 #define GOTWEBD_CACHESIZE	 1024
 #define GOTWEBD_MAXCLIENTS	 1024
 #define GOTWEBD_MAXTEXT		 511