Added some validation of protocol message parameters.

This commit is contained in:
crs 2002-04-29 14:25:24 +00:00
parent 32b085e42e
commit 3ca72b35f3
3 changed files with 33 additions and 1 deletions

View File

@ -391,6 +391,12 @@ void CClient::onGrabClipboard()
{
CLock lock(&m_mutex);
CProtocolUtil::readf(m_input, kMsgCClipboard + 4, &id, &seqNum);
log((CLOG_DEBUG "received clipboard %d grab", id));
// validate
if (id >= kClipboardEnd) {
return;
}
// we no longer own the clipboard
m_ownClipboard[id] = false;
@ -431,6 +437,11 @@ void CClient::onSetClipboard()
}
log((CLOG_DEBUG "received clipboard %d size=%d", id, data.size()));
// validate
if (id >= kClipboardEnd) {
return;
}
// unmarshall
CClipboard clipboard;
clipboard.unmarshall(data, 0);

View File

@ -135,6 +135,11 @@ UInt32 CServer::getActivePrimarySides() const
void CServer::setInfo(const CString& client,
SInt32 w, SInt32 h, SInt32 zoneSize)
{
assert(!client.empty());
assert(w > 0);
assert(h > 0);
assert(zoneSize >= 0);
CLock lock(&m_mutex);
// client must be connected

View File

@ -179,7 +179,7 @@ void CServerProtocol1_0::recvInfo()
log((CLOG_DEBUG "received client \"%s\" info size=%dx%d, zone=%d", getClient().c_str(), w, h, zoneInfo));
// validate
if (w == 0 || h == 0) {
if (w <= 0 || h <= 0 || zoneInfo < 0) {
throw XBadClient();
}
@ -189,19 +189,35 @@ void CServerProtocol1_0::recvInfo()
void CServerProtocol1_0::recvClipboard()
{
// parse message
ClipboardID id;
UInt32 seqNum;
CString data;
CProtocolUtil::readf(getInputStream(), kMsgDClipboard + 4, &id, &seqNum, &data);
log((CLOG_DEBUG "received client \"%s\" clipboard %d seqnum=%d, size=%d", getClient().c_str(), id, seqNum, data.size()));
// validate
if (id >= kClipboardEnd) {
throw XBadClient();
}
// send update
getServer()->setClipboard(id, seqNum, data);
}
void CServerProtocol1_0::recvGrabClipboard()
{
// parse message
ClipboardID id;
UInt32 seqNum;
CProtocolUtil::readf(getInputStream(), kMsgCClipboard + 4, &id, &seqNum);
log((CLOG_DEBUG "received client \"%s\" grabbed clipboard %d seqnum=%d", getClient().c_str(), id, seqNum));
// validate
if (id >= kClipboardEnd) {
throw XBadClient();
}
// send update
getServer()->grabClipboard(id, seqNum, getClient());
}