[PATCH 13/16] util: add check for size validity (Coverity #50224)

Christophe Mon, 16 Jun 2014 11:17:27 -0700

From: Christophe CURIS <christophe.cu...@free.fr>

As pointed by Coverity, when reading the size of data using 'readmsg' that
size cannot be fully trusted (possibly in case of bugs in present case),
so this patch adds a check to ensure it is valid before continuing.


Signed-off-by: Christophe CURIS <christophe.cu...@free.fr>
---
 util/wmsetbg.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/util/wmsetbg.c b/util/wmsetbg.c
index 6747950..c25d60b 100644
--- a/util/wmsetbg.c
+++ b/util/wmsetbg.c
@@ -918,6 +918,14 @@ static noreturn void helperLoop(RContext * rc)
                memcpy(buf, buffer, 4);
                buf[4] = 0;
                size = atoi(buf);
+               if (size < 0 || size > sizeof(buffer)) {
+                       wfatal("received invalid size %d for message from 
WindowMaker", size);
+                       quit(1);
+               }
+               if (size == 0) {
+                       werror("received 0-sized message from WindowMaker, 
trying to continue");
+                       continue;
+               }
 
                /* get message */
                if (readmsg(0, buffer, size) < 0) {
-- 
1.9.2


-- 
To unsubscribe, send mail to wmaker-dev-unsubscr...@lists.windowmaker.org.

[PATCH 13/16] util: add check for size validity (Coverity #50224)

Reply via email to