From a434b7ba8e1fb2f639736b79f6bff668256060b8 Mon Sep 17 00:00:00 2001 From: Philip Withnall Date: Sat, 1 Nov 2014 17:06:29 +0000 Subject: [PATCH] wayland-server: Abort if a read from a client gives 0 length MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit This happens on EOF if using a poll function such as select() or kqueue() which doesn’t distinguish EOF events. Currently execution should never reach the point where recvmsg() returns EOF (len == 0). Instead, epoll() will detect this and indicate EPOLLHUP, which is handled a few lines above, closing the connection. However, other event mechanisms may not be able to distinguish EOF from regular readability (in the case of select()) or inconsistently across platforms (in the case of POLLHUP). There is also the possibility of half-closed connections (shutdown(), POLLRDHUP), though this may not be an issue with Wayland. This will not cause problems if the FD polls as readable but actually is not — in that case, recvmsg() will return EAGAIN. Signed-off-by: Philip Withnall Signed-off-by: Karsten Otto Reviewed-by: Marek Chalupa Reviewed-by: Pekka Paalanen --- src/wayland-server.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/wayland-server.c b/src/wayland-server.c index 7caeb30..7775508 100644 --- a/src/wayland-server.c +++ b/src/wayland-server.c @@ -260,7 +260,7 @@ wl_client_connection_data(int fd, uint32_t mask, void *data) len = 0; if (mask & WL_EVENT_READABLE) { len = wl_connection_read(connection); - if (len < 0 && errno != EAGAIN) { + if (len == 0 || (len < 0 && errno != EAGAIN)) { wl_client_destroy(client); return 1; } -- 2.7.4