Hi guys, I have this line of code in a Perl script where I allow users to upload a 5-second microphone recording to my server. The Flash that does the recording automatically limits the microphone to 5 seconds and then POSTs the recording to my server.
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});   # reads as many bytes as the client's Content-Length header claims
Now my question is: if someone wanted to be malicious, they could POST directly to my server script, using up internal memory and bandwidth, and possibly causing a buffer overflow. Is there a way to limit how much information comes from the user?
I tried this before the read line, but I am not entirely sure this is the correct way to do it. Any ideas? Thanks.
if ($ENV{'CONTENT_LENGTH'} > 100000) {
    # then return some error message / exit
    print "Status: 413 Request Entity Too Large\r\nContent-Type: text/plain\r\n\r\nUpload too large\n";
    exit 0;
}
EDIT AND SOLUTION TO MY PROBLEM:
use strict;
use warnings;
use CGI qw/:standard/;
use CGI::Carp 'fatalsToBrowser';
$CGI::POST_MAX = 1024 * 100;   # max 100K posts: CGI.pm refuses larger bodies before reading them
#$CGI::DISABLE_UPLOADS = 1;    # no multipart file uploads
# POSTDATA holds the raw request body when the Content-Type is not a form encoding
my $uploaded_file = param('POSTDATA');
if (!$uploaded_file && cgi_error()) {
    # cgi_error() is "413 Request entity too large" when POST_MAX was exceeded
    print header(-status => cgi_error());
    exit 0;
}
I want to thank all of you for your quick responses (upvotes for all), but I have to give the correct answer to the first person who posted the correct link, despite their lack of effort in writing anything. I guess that's only fair? What do you guys think? Leave a comment below.
You say it is a Perl script but don’t mention the Perl CGI.pm module. If you use that module (which I recommend), there is some limited support for denial-of-service protection. For example, you can set:
and CGI.pm will exit your script with an error if any posts that are too large show up.
There’s a decent discussion of how to avoid denial-of-service attacks in the man page.
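The following is an added example, not code from the question or from the answer above, showing the check both of them are getting at in plain core Perl: validate the client-supplied CONTENT_LENGTH against a fixed cap before reading anything, then read the body in fixed-size chunks so the script's memory use is governed by the cap rather than by whatever number the client put in the header. The helper name read_bounded_body, the demo function, and the 8192-byte chunk size are assumptions of this example; the 100K cap is the one the question settled on, and the request bodies fed in are constructed so it runs offline without a web server.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Added example, not code from the question or answer. A bounded body reader for
# a CGI script: the client-supplied CONTENT_LENGTH is validated against a fixed
# cap before anything is read, and the read itself is chunked so the amount of
# memory used is governed by the cap, not by the header.
my $MAX_BYTES = 1024 * 100;    # 100K, the cap the question settled on

# read_bounded_body($fh, $max) is a hypothetical helper name: returns
# ($body, undef) on success or (undef, $http_status) on rejection.
sub read_bounded_body {
    my ($fh, $max) = @_;
    my $declared = $ENV{'CONTENT_LENGTH'};

    # Reject before reading a byte if the header is missing, non-numeric, or too big.
    return (undef, '411 Length Required')
        unless defined $declared && $declared =~ /^\d+$/;
    return (undef, '413 Request Entity Too Large') if $declared > $max;

    binmode $fh;    # audio is binary; avoid any CRLF translation
    my $body = '';
    while (length($body) < $declared) {
        my $want = $declared - length($body);
        $want = 8192 if $want > 8192;    # fixed chunk size, never the whole header value
        my $n = read($fh, my $chunk, $want);
        last unless $n;                  # EOF or read error before the declared length
        $body .= $chunk;
    }

    # A client that declared more than it actually sent is rejected too.
    return (undef, '400 Bad Request') if length($body) != $declared;
    return ($body, undef);
}

# Offline demo: constructed request bodies fed through a filehandle opened on a
# string, so no web server is needed. In a real CGI script $fh would be STDIN.
sub demo {
    my ($declared, $payload) = @_;
    local $ENV{'CONTENT_LENGTH'} = $declared;
    open my $fh, '<', \$payload or die "open: $!";
    my ($body, $err) = read_bounded_body($fh, $MAX_BYTES);
    close $fh;
    return defined $err ? "rejected: $err" : sprintf('accepted %d bytes', length $body);
}

printf "%-28s %s\n", 'exact length:',             demo(5, 'hello');
printf "%-28s %s\n", 'body shorter than header:', demo(10, 'hello');
printf "%-28s %s\n", 'header over the cap:',      demo(10_000_000, 'x' x 16);
printf "%-28s %s\n", 'non-numeric header:',       demo('abc', 'hello');

# In a CGI handler, a rejection would be sent as a status line before exiting:
#   print "Status: $err\r\nContent-Type: text/plain\r\n\r\n$err\n"; exit 0;
```

The CGI.pm route in the accepted solution performs the same pre-read comparison internally: when CONTENT_LENGTH exceeds $CGI::POST_MAX it records a 413 in cgi_error() and never reads the body. The hand-written version above is useful when the script cannot depend on CGI.pm, and it adds the second check that a client which declares more than it sends is also refused rather than being left holding a short buffer.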