Address bad_numeric_casts for filetransfers

The filetransfer blockSize is now an unsigned integer, as 0 could be used to denote an invalid block size as well (and indeed, already indicated that better than -1 did). All use of numeric_cast in filetransfer code has been fixed to deal with the possibility of thrown exceptions. Test-Information: Unit tests pass on macOS and Debian Change-Id: I1833d553bae071238be20ebc386ef602effb78b0
author: Edwin Mons <edwin.mons@isode.com> 2018-11-09 10:04:04 (GMT)
committer: Edwin Mons <edwin.mons@isode.com> 2018-11-14 14:18:08 (GMT)
commit: ccad2debbf8d7322c9d2b517763d7b8e3902a828 (patch)
tree: 50054ea69dcf21179920ffdde5790908e48848d8 /Swiften/FileTransfer/SOCKS5BytestreamServerSession.cpp
parent: c7ad127218e3901e0006e75aa7e1399b449a845e (diff)
download: swift-ccad2debbf8d7322c9d2b517763d7b8e3902a828.zip
swift-ccad2debbf8d7322c9d2b517763d7b8e3902a828.tar.bz2
1 files changed, 9 insertions, 2 deletions
diff --git a/Swiften/FileTransfer/SOCKS5BytestreamServerSession.cpp b/Swiften/FileTransfer/SOCKS5BytestreamServerSession.cpp
index bc4e8e4..0fd40bf 100644
--- a/Swiften/FileTransfer/SOCKS5BytestreamServerSession.cpp
+++ b/Swiften/FileTransfer/SOCKS5BytestreamServerSession.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010-2016 Isode Limited.
+ * Copyright (c) 2010-2018 Isode Limited.
  * All rights reserved.
  * See the COPYING file for more information.
  */
@@ -138,7 +138,14 @@ void SOCKS5BytestreamServerSession::process() {
                 SafeByteArray result = createSafeByteArray("\x05", 1);
                 result.push_back(hasBytestream ? 0x0 : 0x4);
                 append(result, createByteArray("\x00\x03", 2));
-                result.push_back(boost::numeric_cast<unsigned char>(requestID.size()));
+                try {
+                    result.push_back(boost::numeric_cast<unsigned char>(requestID.size()));
+                }
+                catch (const boost::numeric::bad_numeric_cast& e) {
+                    SWIFT_LOG(warning) << "SOCKS5 request ID is too long (" << requestID.size() << "): " << e.what() << std::endl;
+                    finish();
+                    return;
+                }
                 append(result, concat(requestID, createByteArray("\x00\x00", 2)));
                 if (!hasBytestream) {
                     SWIFT_LOG(debug) << "Readstream or Wrtiestream with ID " << streamID << " not found!" << std::endl;
author	Edwin Mons <edwin.mons@isode.com>	2018-11-09 10:04:04 (GMT)
committer	Edwin Mons <edwin.mons@isode.com>	2018-11-14 14:18:08 (GMT)
commit	ccad2debbf8d7322c9d2b517763d7b8e3902a828 (patch)
tree	50054ea69dcf21179920ffdde5790908e48848d8 /Swiften/FileTransfer/SOCKS5BytestreamServerSession.cpp
parent	c7ad127218e3901e0006e75aa7e1399b449a845e (diff)
download	swift-ccad2debbf8d7322c9d2b517763d7b8e3902a828.zip swift-ccad2debbf8d7322c9d2b517763d7b8e3902a828.tar.bz2