evas cseve - check msgsize before using - coverity

author Carsten Haitzler (Rasterman) <raster@rasterman.com>

Fri, 29 Sep 2017 03:03:37 +0000 (12:03 +0900)

committer Carsten Haitzler (Rasterman) <raster@rasterman.com>

Fri, 29 Sep 2017 03:26:57 +0000 (12:26 +0900)
author Carsten Haitzler (Rasterman) <raster@rasterman.com>
Fri, 29 Sep 2017 03:03:37 +0000 (12:03 +0900)
committer Carsten Haitzler (Rasterman) <raster@rasterman.com>
Fri, 29 Sep 2017 03:26:57 +0000 (12:26 +0900)
diff --git a/src/bin/evas/evas_cserve2_messages.c b/src/bin/evas/evas_cserve2_messages.c

index 8f4f64c..b2c2df9 100644 (file)
--- a/src/bin/evas/evas_cserve2_messages.c
+++ b/src/bin/evas/evas_cserve2_messages.c
@@ -87,7 +87,14 @@ cserve2_message_handler(int fd EINA_UNUSED, Fd_Flags flags, void *data)
       return;
  
     if (!client->msg.reading)
-     len = cserve2_client_read(client, &msgsize, sizeof(msgsize));
+     {
+        len = cserve2_client_read(client, &msgsize, sizeof(msgsize));
+        if ((msgsize < 0) || (msgsize > (128 * 1024)))
+          {
+             ERR("Client sending garbage message size of %i\n", msgsize);
+             return;
+          }
+     }
     else
       len = cserve2_client_read(client, &client->msg.buf[client->msg.done],
                                 client->msg.size - client->msg.done);
author	Carsten Haitzler (Rasterman) <raster@rasterman.com>
	Fri, 29 Sep 2017 03:03:37 +0000 (12:03 +0900)
committer	Carsten Haitzler (Rasterman) <raster@rasterman.com>
	Fri, 29 Sep 2017 03:26:57 +0000 (12:26 +0900)