journal-remote: set upper length bound when parsing incoming headers

CID#1529420

src/journal-remote/journal-gatewayd.c

@@ -22,6 +22,7 @@
 #include "fileio.h"
 #include "glob-util.h"
 #include "hostname-util.h"
+#include "journal-remote.h"
 #include "log.h"
 #include "logs-show.h"
 #include "main-func.h"
@@ -431,6 +432,11 @@ static int request_parse_range(
         if (!range)
                 return 0;
 
+        /* Safety upper bound to make Coverity happy. Apache2 has a default limit of 8KB:
+         * https://httpd.apache.org/docs/2.2/mod/core.html#limitrequestfieldsize */
+        if (strlen(range) > JOURNAL_SERVER_MEMORY_MAX)
+                return -EINVAL;
+
         m->n_skip = 0;
         range_after_eq = startswith(range, "entries=");
         if (range_after_eq) {

src/journal-remote/journal-remote-main.c

@@ -374,7 +374,7 @@ static int setup_microhttpd_server(RemoteServer *s,
                 { MHD_OPTION_EXTERNAL_LOGGER, (intptr_t) microhttpd_logger},
                 { MHD_OPTION_NOTIFY_COMPLETED, (intptr_t) request_meta_free},
                 { MHD_OPTION_LISTEN_SOCKET, fd},
-                { MHD_OPTION_CONNECTION_MEMORY_LIMIT, 128*1024},
+                { MHD_OPTION_CONNECTION_MEMORY_LIMIT, JOURNAL_SERVER_MEMORY_MAX},
                 { MHD_OPTION_END},
                 { MHD_OPTION_END},
                 { MHD_OPTION_END},

src/journal-remote/journal-remote.h

@@ -48,6 +48,9 @@ struct RemoteServer {
 };
 extern RemoteServer *journal_remote_server_global;
 
+/* Used for MHD_OPTION_CONNECTION_MEMORY_LIMIT and header parsing cap */
+#define JOURNAL_SERVER_MEMORY_MAX 128U * 1024U
+
 int journal_remote_server_init(
                 RemoteServer *s,
                 const char *output,