diff options
| author |   Unit 193 <unit193@unit193.net> | 2021-11-10 00:54:35 -0500 |
|---|---|---|
| committer | Unit 193 <unit193@unit193.net> | 2021-11-10 00:54:35 -0500 |
| commit | 58fb7a0cee13d84170aac52f3f89d91888e1afe3 (patch) | |
| tree | 1d6312ba15f9ece5a8031e5280dfb8b38be8dfa3 /src/lib/barrier/ProtocolUtil.cpp | |
| parent | 28db84b46139c9bb2bbcac8c6cc56e71d1e35629 (diff) | |
| parent | beb08eb751fa8e1f72042f263316ab5e5ddb596d (diff) | |
Update upstream source from tag 'upstream/2.4.0+dfsg'
Update to upstream version '2.4.0+dfsg'
with Debian dir 4b6668cc08c7b0e56b1e1f7b4e89ecdb316182a0
Diffstat (limited to 'src/lib/barrier/ProtocolUtil.cpp')
| -rw-r--r-- | src/lib/barrier/ProtocolUtil.cpp | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/src/lib/barrier/ProtocolUtil.cpp b/src/lib/barrier/ProtocolUtil.cpp index e742687..5a71010 100644 --- a/src/lib/barrier/ProtocolUtil.cpp +++ b/src/lib/barrier/ProtocolUtil.cpp @@ -2,11 +2,11 @@ * barrier -- mouse and keyboard sharing utility * Copyright (C) 2012-2016 Symless Ltd. * Copyright (C) 2002 Chris Schoeneman - * + * * This package is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * found in the file LICENSE that should have accompanied this file. - * + * * This package is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the @@ -19,6 +19,8 @@ #include "barrier/ProtocolUtil.h" #include "io/IStream.h" #include "base/Log.h" +#include "barrier/protocol_types.h" +#include "barrier/XBarrier.h" #include "common/stdvector.h" #include "base/String.h" @@ -80,7 +82,7 @@ ProtocolUtil::vwritef(barrier::IStream* stream, // fill buffer UInt8* buffer = new UInt8[size]; - writef(buffer, fmt, args); + writef_void(buffer, fmt, args); try { // write buffer @@ -159,6 +161,10 @@ ProtocolUtil::vreadf(barrier::IStream* stream, const char* fmt, va_list args) (static_cast<UInt32>(buffer[2]) << 8) | static_cast<UInt32>(buffer[3]); + if (n > PROTOCOL_MAX_LIST_LENGTH) { + throw XBadClient("Too long message received"); + } + // convert it void* v = va_arg(args, void*); switch (len) { @@ -211,6 +217,10 @@ ProtocolUtil::vreadf(barrier::IStream* stream, const char* fmt, va_list args) (static_cast<UInt32>(buffer[2]) << 8) | static_cast<UInt32>(buffer[3]); + if (len > PROTOCOL_MAX_STRING_LENGTH) { + throw XBadClient("Too long message received"); + } + // use a fixed size buffer if its big enough const bool useFixed = (len <= sizeof(buffer)); @@ -339,7 +349,7 @@ ProtocolUtil::getLength(const char* fmt, va_list args) } void -ProtocolUtil::writef(void* buffer, const char* fmt, va_list args) +ProtocolUtil::writef_void(void* buffer, const char* fmt, va_list args) { UInt8* dst = static_cast<UInt8*>(buffer); |