From 96c84e563610d5c7846e601605f675f3d3840dd2 Mon Sep 17 00:00:00 2001 From: Alan Coopersmith Date: Wed, 14 Sep 2022 16:29:32 -0700 Subject: Handle arrays too large to fit in iceConn buffers MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes numerous gcc warnings of the form: connect.c: In function ‘IceOpenConnection’: ICElibint.h:160:25: warning: potential null pointer dereference [-Wnull-dereference] *((CARD16 *) _pBuf) = _val; \ ^ ICElibint.h:174:5: note: in expansion of macro ‘STORE_CARD16’ STORE_CARD16 (_pBuf, _len); \ ^~~~~~~~~~~~ connect.c:351:5: note: in expansion of macro ‘STORE_STRING’ STORE_STRING (pData, IceReleaseString); ^~~~~~~~~~~~ Signed-off-by: Alan Coopersmith --- src/ICElibint.h | 14 ++++++++++++++ src/connect.c | 43 +++++++++++++++++++++++++++++++++---------- src/process.c | 23 ++++++++++++++++------- src/protosetup.c | 11 +++++++++++ 4 files changed, 74 insertions(+), 17 deletions(-) diff --git a/src/ICElibint.h b/src/ICElibint.h index b64795f..3794085 100644 --- a/src/ICElibint.h +++ b/src/ICElibint.h @@ -179,6 +179,20 @@ typedef struct { } +/* + * SEND FOO - write to connection instead of buffer + */ +#define SEND_STRING(_iceConn, _string) \ +{ \ + char _padding[3] = { 0 }; \ + CARD16 _len = (CARD16) strlen (_string); \ + IceWriteData32 (_iceConn, 2, &_len); \ + if (_len) \ + IceSendData (_iceConn, _len, (char *) _string); \ + if (PAD32 (2 + _len)) \ + IceSendData (_iceConn, PAD32 (2 + _len), _padding); \ +} + /* * EXTRACT FOO */ diff --git a/src/connect.c b/src/connect.c index 2a77372..fcdf196 100644 --- a/src/connect.c +++ b/src/connect.c 
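Review bot: `CARD16 _len = (CARD16) strlen (_string);` in the new SEND_STRING narrows a size_t to 16 bits with no check, so a string of 65536 bytes or more is sent with its length reduced modulo 65536 and the rest silently dropped; the length prefix and the bytes actually written stay consistent, but the caller never learns the string was cut. The callers in this patch pass library vendor/release strings and auth names, so the exposure looks small, but the limit belongs on the macro, e.g. `/* ICE STRING length is a CARD16: strings longer than 65535 bytes are truncated */`, or a check that refuses longer input. Two smaller points: the length is emitted through IceWriteData32 while the connect.c hunk emits CARD16 values through IceWriteData16 — if the two differ only in intent, IceWriteData16 would match the element size here; and the macro body is a bare `{ ... }` rather than `do { ... } while (0)`, which follows the existing STORE_* style but means `SEND_STRING (...);` cannot be the sole statement of an `if` that has an `else`.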
@@ -347,23 +347,46 @@ IceOpenConnection ( pSetupMsg->authCount = authUsableCount; pSetupMsg->mustAuthenticate = mustAuthenticate; - STORE_STRING (pData, IceVendorString); - STORE_STRING (pData, IceReleaseString); + if (_X_LIKELY(pData != NULL)) { + STORE_STRING (pData, IceVendorString); + STORE_STRING (pData, IceReleaseString); - for (i = 0; i < _IceAuthCount; i++) - if (authUsableFlags[i]) + for (i = 0; i < _IceAuthCount; i++) { - STORE_STRING (pData, _IceAuthNames[i]); + if (authUsableFlags[i]) + { + STORE_STRING (pData, _IceAuthNames[i]); + } } - for (i = 0; i < _IceVersionCount; i++) - { - STORE_CARD16 (pData, _IceVersions[i].major_version); - STORE_CARD16 (pData, _IceVersions[i].minor_version); + for (i = 0; i < _IceVersionCount; i++) + { + STORE_CARD16 (pData, _IceVersions[i].major_version); + STORE_CARD16 (pData, _IceVersions[i].minor_version); + } } + else { + SEND_STRING (iceConn, IceVendorString); + SEND_STRING (iceConn, IceReleaseString); - IceFlush (iceConn); + for (i = 0; i < _IceAuthCount; i++) + { + if (authUsableFlags[i]) + { + SEND_STRING (iceConn, _IceAuthNames[i]); + } + } + for (i = 0; i < _IceVersionCount; i++) + { + CARD16 v; + v = _IceVersions[i].major_version; + IceWriteData16 (iceConn, 2, &v); + v = _IceVersions[i].minor_version; + IceWriteData16 (iceConn, 2, &v); + } + } + IceFlush (iceConn); /* * Process messages until we get a Connection Reply or an Error Message. diff --git a/src/process.c b/src/process.c index 0fdd92b..f9f9938 100644 --- a/src/process.c +++ b/src/process.c @@ -526,10 +526,15 @@ AcceptConnection ( pMsg->versionIndex = versionIndex; - STORE_STRING (pData, IceVendorString); - STORE_STRING (pData, IceReleaseString); + if (pData != NULL) { + STORE_STRING (pData, IceVendorString); + STORE_STRING (pData, IceReleaseString); - IceFlush (iceConn); + IceFlush (iceConn); + } else { + SEND_STRING (iceConn, IceVendorString); + SEND_STRING (iceConn, IceReleaseString); + } iceConn->connection_status = IceConnectAccepted; } 
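Review bot: The two branches at `if (_X_LIKELY(pData != NULL))` are independent serializers of the same message body with nothing tying them together: STORE_STRING/STORE_CARD16 fill the buffer IceGetHeaderExtra returned, while the else branch re-implements the same layout with SEND_STRING and IceWriteData16, so any later change to one must be mirrored in the other or the wire bytes differ depending only on how full outbuf happened to be. A comment on the branch saying why pData can be NULL would help the next reader, e.g. `/* pData is NULL when IceGetHeaderExtra could not fit the variable-length tail in outbuf; stream it straight to the connection instead */`; moving `IceFlush (iceConn);` after both branches is right, since the streamed path may leave bytes queued. This hunk tests with `_X_LIKELY` while the matching process.c hunks test `pData != NULL` bare; one form is easier to grep for. IceOpenConnection's body starts and ends outside the hunk.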
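Review bot: In AcceptConnection the new else branch at `} else { SEND_STRING (iceConn, IceVendorString); ...` never calls IceFlush, whereas the pData branch keeps its `IceFlush (iceConn);` inside the if and the connect.c hunk moved the flush after both branches. Unless IceSendData flushes unconditionally — which this page does not show — a reply whose tail is streamed can be left sitting in outbuf until some later write, so the peer waits for a Connection Reply the server believes it already sent. Move the flush after the if/else as connect.c does: `}` / `IceFlush (iceConn);` / `iceConn->connection_status = IceConnectAccepted;`. The AcceptProtocol hunk at @@ -559 has the same shape and needs the same change. Both functions start and end outside their hunks.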
@@ -559,10 +564,15 @@ AcceptProtocol ( pMsg->protocolOpcode = myOpcode; pMsg->versionIndex = versionIndex; - STORE_STRING (pData, vendor); - STORE_STRING (pData, release); + if (pData != NULL) { + STORE_STRING (pData, vendor); + STORE_STRING (pData, release); - IceFlush (iceConn); + IceFlush (iceConn); + } else { + SEND_STRING (iceConn, vendor); + SEND_STRING (iceConn, release); + } /* @@ -2555,4 +2565,3 @@ _IceProcessCoreMessage ( const int _IceVersionCount = 1; const _IceVersion _IceVersions[] = { {IceProtoMajor, IceProtoMinor, _IceProcessCoreMessage}}; - diff --git a/src/protosetup.c b/src/protosetup.c index ad9ba88..bdc00c8 100644 --- a/src/protosetup.c +++ b/src/protosetup.c @@ -150,6 +150,17 @@ IceProtocolSetup ( SIZEOF (iceProtocolSetupMsg), WORD64COUNT (extra), iceProtocolSetupMsg, pMsg, pData); + if (pData == NULL) { + iceConn->outbufptr -= SIZEOF (iceProtocolSetupMsg); + free(authIndices); + if (errorStringRet && errorLength > 0) { + strncpy (errorStringRet, + "Too much extra data for iceProtocolSetupMsg", errorLength); + errorStringRet[errorLength - 1] = '\0'; + } + return (IceProtocolSetupFailure); + } + setup_sequence = iceConn->send_sequence; pMsg->protocolOpcode = myOpcode; -- cgit v1.2.3
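Review bot: `iceConn->outbufptr -= SIZEOF (iceProtocolSetupMsg);` in the new pData == NULL path assumes IceGetHeaderExtra had already advanced outbufptr by exactly the fixed header size when it returned a NULL pData, and that nothing flushed in between; neither is visible here, and if either does not hold the rewind lands before the queued data or before the buffer itself. That contract should be stated where it is relied on, e.g. `/* IceGetHeaderExtra queued the fixed header but could not fit the extra data; back it out before failing */`. This is also the one caller in the patch that fails instead of streaming the tail the way connect.c and process.c now do; a one-line comment giving the reason (presumably the several strings plus the version array — to be confirmed) would stop the next reader from "fixing" the inconsistency. The `strncpy` plus manual terminator is acceptable if it matches the other error paths in this function; `snprintf (errorStringRet, errorLength, "%s", ...)` would do it in one step. IceProtocolSetup's body starts and ends outside the hunk.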