authorAlan Coopersmith <alan.coopersmith@oracle.com>2022-09-14 16:29:32 -0700
committerAlan Coopersmith <alan.coopersmith@oracle.com>2022-09-14 16:39:42 -0700
commit96c84e563610d5c7846e601605f675f3d3840dd2 (patch)
tree8432553a1dc05a28485c8289d16635341622076b
parent0269c687e954db7aca2a4344e32cb203315a00b6 (diff)
downloadxorg-lib-libICE-96c84e563610d5c7846e601605f675f3d3840dd2.tar.gz
Handle arrays too large to fit in iceConn buffers
Fixes numerous gcc warnings of the form: connect.c: In function ‘IceOpenConnection’: ICElibint.h:160:25: warning: potential null pointer dereference [-Wnull-dereference] *((CARD16 *) _pBuf) = _val; \ ^ ICElibint.h:174:5: note: in expansion of macro ‘STORE_CARD16’ STORE_CARD16 (_pBuf, _len); \ ^~~~~~~~~~~~ connect.c:351:5: note: in expansion of macro ‘STORE_STRING’ STORE_STRING (pData, IceReleaseString); ^~~~~~~~~~~~ Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
-rw-r--r--src/ICElibint.h14
-rw-r--r--src/connect.c43
-rw-r--r--src/process.c23
-rw-r--r--src/protosetup.c11
4 files changed, 74 insertions, 17 deletions
diff --git a/src/ICElibint.h b/src/ICElibint.h
index b64795f..3794085 100644
--- a/src/ICElibint.h
+++ b/src/ICElibint.h
@@ -180,6 +180,20 @@ typedef struct {
/*
+ * SEND FOO - write to connection instead of buffer
+ */
+#define SEND_STRING(_iceConn, _string) \
+{ \
+ char _padding[3] = { 0 }; \
+ CARD16 _len = (CARD16) strlen (_string); \
+ IceWriteData32 (_iceConn, 2, &_len); \
+ if (_len) \
+ IceSendData (_iceConn, _len, (char *) _string); \
+ if (PAD32 (2 + _len)) \
+ IceSendData (_iceConn, PAD32 (2 + _len), _padding); \
+}
+
+/*
* EXTRACT FOO
*/
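Review bot: SEND_STRING writes its 2-byte length with `IceWriteData32 (_iceConn, 2, &_len)`, while the fallback loop this commit adds to connect.c writes its CARD16 values with IceWriteData16; unless the two helpers are known to be interchangeable, the length prefix should read `IceWriteData16 (_iceConn, 2, &_len); \`. The macro body is also a bare `{ ... }` block, so `SEND_STRING (...);` in an unbraced `if`/`else` would not parse as a single statement; wrapping it in `do { ... } while (0)` avoids that. A one-line comment noting that `(CARD16) strlen (_string)` silently truncates lengths above 65535 would help callers that pass strings they do not control.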
diff --git a/src/connect.c b/src/connect.c
index 2a77372..fcdf196 100644
--- a/src/connect.c
+++ b/src/connect.c
@@ -347,23 +347,46 @@ IceOpenConnection (
pSetupMsg->authCount = authUsableCount;
pSetupMsg->mustAuthenticate = mustAuthenticate;
- STORE_STRING (pData, IceVendorString);
- STORE_STRING (pData, IceReleaseString);
+ if (_X_LIKELY(pData != NULL)) {
+ STORE_STRING (pData, IceVendorString);
+ STORE_STRING (pData, IceReleaseString);
- for (i = 0; i < _IceAuthCount; i++)
- if (authUsableFlags[i])
+ for (i = 0; i < _IceAuthCount; i++)
{
- STORE_STRING (pData, _IceAuthNames[i]);
+ if (authUsableFlags[i])
+ {
+ STORE_STRING (pData, _IceAuthNames[i]);
+ }
}
- for (i = 0; i < _IceVersionCount; i++)
- {
- STORE_CARD16 (pData, _IceVersions[i].major_version);
- STORE_CARD16 (pData, _IceVersions[i].minor_version);
+ for (i = 0; i < _IceVersionCount; i++)
+ {
+ STORE_CARD16 (pData, _IceVersions[i].major_version);
+ STORE_CARD16 (pData, _IceVersions[i].minor_version);
+ }
}
+ else {
+ SEND_STRING (iceConn, IceVendorString);
+ SEND_STRING (iceConn, IceReleaseString);
- IceFlush (iceConn);
+ for (i = 0; i < _IceAuthCount; i++)
+ {
+ if (authUsableFlags[i])
+ {
+ SEND_STRING (iceConn, _IceAuthNames[i]);
+ }
+ }
+ for (i = 0; i < _IceVersionCount; i++)
+ {
+ CARD16 v;
+ v = _IceVersions[i].major_version;
+ IceWriteData16 (iceConn, 2, &v);
+ v = _IceVersions[i].minor_version;
+ IceWriteData16 (iceConn, 2, &v);
+ }
+ }
+ IceFlush (iceConn);
/*
* Process messages until we get a Connection Reply or an Error Message.
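Review bot: The fallback branch for `pData == NULL` writes the strings and version pairs but no trailing pad, so the bytes sent may fall short of the length already stored in the message header. The IceGetHeaderExtra call is outside this hunk, but the protosetup.c context in this commit passes `WORD64COUNT (extra)`; if this call does the same, the header length is rounded up to 8-byte units while each SEND_STRING pads only to 4. The send branch should either emit the remaining zero bytes after the version loop or carry a comment such as `/* fallback must write exactly WORD64COUNT (extra) * 8 bytes; pad here if short */` explaining why the totals always match. The same question applies to the `else` branches added to AcceptConnection and AcceptProtocol in process.c. A peer that receives a short message would block or misframe the next one, so this path deserves a test with a payload larger than the connection buffer.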
diff --git a/src/process.c b/src/process.c
index 0fdd92b..f9f9938 100644
--- a/src/process.c
+++ b/src/process.c
@@ -526,10 +526,15 @@ AcceptConnection (
pMsg->versionIndex = versionIndex;
- STORE_STRING (pData, IceVendorString);
- STORE_STRING (pData, IceReleaseString);
+ if (pData != NULL) {
+ STORE_STRING (pData, IceVendorString);
+ STORE_STRING (pData, IceReleaseString);
- IceFlush (iceConn);
+ IceFlush (iceConn);
+ } else {
+ SEND_STRING (iceConn, IceVendorString);
+ SEND_STRING (iceConn, IceReleaseString);
+ }
iceConn->connection_status = IceConnectAccepted;
}
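Review bot: IceFlush is now called only in the `pData != NULL` branch of AcceptConnection, so the fallback relies on every SEND_STRING ending in an IceSendData call that leaves nothing buffered. The connect.c hunk keeps `IceFlush (iceConn);` after the if/else instead. Moving the call below the closing brace of the `else` here keeps the sites consistent and does not depend on the macro's internals. The AcceptProtocol hunk that follows has the same shape, and both functions start outside their hunks.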
@@ -559,10 +564,15 @@ AcceptProtocol (
pMsg->protocolOpcode = myOpcode;
pMsg->versionIndex = versionIndex;
- STORE_STRING (pData, vendor);
- STORE_STRING (pData, release);
+ if (pData != NULL) {
+ STORE_STRING (pData, vendor);
+ STORE_STRING (pData, release);
- IceFlush (iceConn);
+ IceFlush (iceConn);
+ } else {
+ SEND_STRING (iceConn, vendor);
+ SEND_STRING (iceConn, release);
+ }
/*
@@ -2555,4 +2565,3 @@ _IceProcessCoreMessage (
const int _IceVersionCount = 1;
const _IceVersion _IceVersions[] = {
{IceProtoMajor, IceProtoMinor, _IceProcessCoreMessage}};
-
diff --git a/src/protosetup.c b/src/protosetup.c
index ad9ba88..bdc00c8 100644
--- a/src/protosetup.c
+++ b/src/protosetup.c
@@ -150,6 +150,17 @@ IceProtocolSetup (
SIZEOF (iceProtocolSetupMsg), WORD64COUNT (extra),
iceProtocolSetupMsg, pMsg, pData);
+ if (pData == NULL) {
+ iceConn->outbufptr -= SIZEOF (iceProtocolSetupMsg);
+ free(authIndices);
+ if (errorStringRet && errorLength > 0) {
+ strncpy (errorStringRet,
+ "Too much extra data for iceProtocolSetupMsg", errorLength);
+ errorStringRet[errorLength - 1] = '\0';
+ }
+ return (IceProtocolSetupFailure);
+ }
+
setup_sequence = iceConn->send_sequence;
pMsg->protocolOpcode = myOpcode;
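Review bot: The new failure path undoes only the header reservation with `iceConn->outbufptr -= SIZEOF (iceProtocolSetupMsg);` and leaves any other effect of IceGetHeaderExtra in place. The macro is not visible here, but the next statement reads `iceConn->send_sequence`, so if the macro advances that counter (or has already flushed, or moved the pointer for the extra bytes) the connection state after this return no longer matches what was sent. A comment stating which macro side effects the rollback covers, e.g. `/* IceGetHeaderExtra reserved only the header when pData is NULL; undo that */`, or an explicit restore of the counter, would make this checkable. The error copy could also be `snprintf (errorStringRet, errorLength, "%s", "Too much extra data for iceProtocolSetupMsg");`, which terminates without the separate store. IceProtocolSetup begins and ends outside the hunk.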