Added some validation of protocol message parameters.

This commit is contained in:
crs 2002-04-29 14:25:24 +00:00
parent 32b085e42e
commit 3ca72b35f3
3 changed files with 33 additions and 1 deletions

View File

@ -391,6 +391,12 @@ void CClient::onGrabClipboard()
{ {
CLock lock(&m_mutex); CLock lock(&m_mutex);
CProtocolUtil::readf(m_input, kMsgCClipboard + 4, &id, &seqNum); CProtocolUtil::readf(m_input, kMsgCClipboard + 4, &id, &seqNum);
log((CLOG_DEBUG "received clipboard %d grab", id));
// validate
if (id >= kClipboardEnd) {
return;
}
// we no longer own the clipboard // we no longer own the clipboard
m_ownClipboard[id] = false; m_ownClipboard[id] = false;
@ -431,6 +437,11 @@ void CClient::onSetClipboard()
} }
log((CLOG_DEBUG "received clipboard %d size=%d", id, data.size())); log((CLOG_DEBUG "received clipboard %d size=%d", id, data.size()));
// validate
if (id >= kClipboardEnd) {
return;
}
// unmarshall // unmarshall
CClipboard clipboard; CClipboard clipboard;
clipboard.unmarshall(data, 0); clipboard.unmarshall(data, 0);

View File

@ -135,6 +135,11 @@ UInt32 CServer::getActivePrimarySides() const
void CServer::setInfo(const CString& client, void CServer::setInfo(const CString& client,
SInt32 w, SInt32 h, SInt32 zoneSize) SInt32 w, SInt32 h, SInt32 zoneSize)
{ {
assert(!client.empty());
assert(w > 0);
assert(h > 0);
assert(zoneSize >= 0);
CLock lock(&m_mutex); CLock lock(&m_mutex);
// client must be connected // client must be connected

View File

@ -179,7 +179,7 @@ void CServerProtocol1_0::recvInfo()
log((CLOG_DEBUG "received client \"%s\" info size=%dx%d, zone=%d", getClient().c_str(), w, h, zoneInfo)); log((CLOG_DEBUG "received client \"%s\" info size=%dx%d, zone=%d", getClient().c_str(), w, h, zoneInfo));
// validate // validate
if (w == 0 || h == 0) { if (w <= 0 || h <= 0 || zoneInfo < 0) {
throw XBadClient(); throw XBadClient();
} }
@ -189,19 +189,35 @@ void CServerProtocol1_0::recvInfo()
void CServerProtocol1_0::recvClipboard() void CServerProtocol1_0::recvClipboard()
{ {
// parse message
ClipboardID id; ClipboardID id;
UInt32 seqNum; UInt32 seqNum;
CString data; CString data;
CProtocolUtil::readf(getInputStream(), kMsgDClipboard + 4, &id, &seqNum, &data); CProtocolUtil::readf(getInputStream(), kMsgDClipboard + 4, &id, &seqNum, &data);
log((CLOG_DEBUG "received client \"%s\" clipboard %d seqnum=%d, size=%d", getClient().c_str(), id, seqNum, data.size())); log((CLOG_DEBUG "received client \"%s\" clipboard %d seqnum=%d, size=%d", getClient().c_str(), id, seqNum, data.size()));
// validate
if (id >= kClipboardEnd) {
throw XBadClient();
}
// send update
getServer()->setClipboard(id, seqNum, data); getServer()->setClipboard(id, seqNum, data);
} }
void CServerProtocol1_0::recvGrabClipboard() void CServerProtocol1_0::recvGrabClipboard()
{ {
// parse message
ClipboardID id; ClipboardID id;
UInt32 seqNum; UInt32 seqNum;
CProtocolUtil::readf(getInputStream(), kMsgCClipboard + 4, &id, &seqNum); CProtocolUtil::readf(getInputStream(), kMsgCClipboard + 4, &id, &seqNum);
log((CLOG_DEBUG "received client \"%s\" grabbed clipboard %d seqnum=%d", getClient().c_str(), id, seqNum)); log((CLOG_DEBUG "received client \"%s\" grabbed clipboard %d seqnum=%d", getClient().c_str(), id, seqNum));
// validate
if (id >= kClipboardEnd) {
throw XBadClient();
}
// send update
getServer()->grabClipboard(id, seqNum, getClient()); getServer()->grabClipboard(id, seqNum, getClient());
} }