gryf/wmaker
1
0
Fork 0
mirror of https://github.com/gryf/wmaker.git synced 2025-12-19 04:20:27 +01:00
Code Issues Projects Releases Wiki Activity

util: add check for size validity (Coverity #50224)

Browse Source 
As pointed by Coverity, when reading the size of data using 'readmsg' that
size cannot be fully trusted (possibly in case of bugs in present case),
so this patch adds a check to ensure it is valid before continuing.

Signed-off-by: Christophe CURIS <christophe.curis@free.fr>
This commit is contained in:
Christophe CURIS
2014-06-16 20:15:28 +02:00
committed by Carlos R. Mafra
parent 8e9c06627d
commit d90c8d5370
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
util/wmsetbg.c
View File

@@ -918,6 +918,14 @@ static noreturn void helperLoop(RContext * rc)
memcpy(buf, buffer, 4);
buf[4] = 0;
size = atoi(buf);
if (size < 0 || size > sizeof(buffer)) {
wfatal("received invalid size %d for message from WindowMaker", size);
quit(1);
}
if (size == 0) {
werror("received 0-sized message from WindowMaker, trying to continue");
continue;
}
/* get message */
if (readmsg(0, buffer, size) < 0) {