diff options
author | Edwin Mons <edwin.mons@isode.com> | 2018-11-09 10:04:04 (GMT) |
---|---|---|
committer | Edwin Mons <edwin.mons@isode.com> | 2018-11-14 14:18:08 (GMT) |
commit | ccad2debbf8d7322c9d2b517763d7b8e3902a828 (patch) | |
tree | 50054ea69dcf21179920ffdde5790908e48848d8 /Swiften/FileTransfer/SOCKS5BytestreamServerSession.cpp | |
parent | c7ad127218e3901e0006e75aa7e1399b449a845e (diff) | |
download | swift-ccad2debbf8d7322c9d2b517763d7b8e3902a828.zip swift-ccad2debbf8d7322c9d2b517763d7b8e3902a828.tar.bz2 |
Address bad_numeric_casts for filetransfers
The filetransfer blockSize is now an unsigned integer, as 0 could be
used to denote an invalid block size as well (and indeed, already
indicated that better than -1 did).
All use of numeric_cast in filetransfer code has been fixed to deal with
the possibility of thrown exceptions.
Test-Information:
Unit tests pass on macOS and Debian
Change-Id: I1833d553bae071238be20ebc386ef602effb78b0
Diffstat (limited to 'Swiften/FileTransfer/SOCKS5BytestreamServerSession.cpp')
-rw-r--r-- | Swiften/FileTransfer/SOCKS5BytestreamServerSession.cpp | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/Swiften/FileTransfer/SOCKS5BytestreamServerSession.cpp b/Swiften/FileTransfer/SOCKS5BytestreamServerSession.cpp index bc4e8e4..0fd40bf 100644 --- a/Swiften/FileTransfer/SOCKS5BytestreamServerSession.cpp +++ b/Swiften/FileTransfer/SOCKS5BytestreamServerSession.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2016 Isode Limited. + * Copyright (c) 2010-2018 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ @@ -138,7 +138,14 @@ void SOCKS5BytestreamServerSession::process() { SafeByteArray result = createSafeByteArray("\x05", 1); result.push_back(hasBytestream ? 0x0 : 0x4); append(result, createByteArray("\x00\x03", 2)); - result.push_back(boost::numeric_cast<unsigned char>(requestID.size())); + try { + result.push_back(boost::numeric_cast<unsigned char>(requestID.size())); + } + catch (const boost::numeric::bad_numeric_cast& e) { + SWIFT_LOG(warning) << "SOCKS5 request ID is too long (" << requestID.size() << "): " << e.what() << std::endl; + finish(); + return; + } append(result, concat(requestID, createByteArray("\x00\x00", 2))); if (!hasBytestream) { SWIFT_LOG(debug) << "Readstream or Wrtiestream with ID " << streamID << " not found!" << std::endl; |