From f6da79a49d59d77a37dd742d13e76137160077dc Mon Sep 17 00:00:00 2001
From: King_DuckZ <king_duckz@gmx.com>
Date: Thu, 8 Jun 2017 22:02:11 +0100
Subject: [PATCH] Add an option to ignore pastie tokens that are too long.

0 disables the limit.
---
 src/kamokan/main.cpp            | 1 +
 src/tawashi/pastie_response.cpp | 7 +++++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/kamokan/main.cpp b/src/kamokan/main.cpp
index ce5e006..eea092c 100644
--- a/src/kamokan/main.cpp
+++ b/src/kamokan/main.cpp
@@ -85,6 +85,7 @@ namespace {
 		parSettings.add_default("log_file", "-");
 		parSettings.add_default("highlight_css", "sh_darkness.css");
 		parSettings.add_default("max_post_size", "1048576");
+		parSettings.add_default("max_token_length", "10");
 	}
 
 	void print_buildtime_info() {
diff --git a/src/tawashi/pastie_response.cpp b/src/tawashi/pastie_response.cpp
index 281e8c7..773b366 100644
--- a/src/tawashi/pastie_response.cpp
+++ b/src/tawashi/pastie_response.cpp
@@ -64,9 +64,12 @@ namespace tawashi {
 			);
 		}
 
-		bool is_valid_token (const boost::string_view& parToken) {
+		bool is_valid_token (const boost::string_view& parToken, uint32_t parMaxLen) {
 			if (parToken.empty())
 				return false;
+			if (parMaxLen > 0 and parToken.size() > parMaxLen)
+				return false;
+
 			auto it_mark = std::find(parToken.begin(), parToken.end(), '?');
 			if (parToken.begin() == it_mark)
 				return false;
@@ -129,7 +132,7 @@ namespace tawashi {
 		boost::string_view token = cgi::drop_arguments(cgi_env().request_uri_relative());
 		boost::optional<std::string> pastie = this->storage().retrieve_pastie(token);
 
-		if (not is_valid_token(token)) {
+		if (not is_valid_token(token, settings().as<uint32_t>("max_token_length"))) {
 			m_token_invalid = true;
 			return;
 		}