Swiftdiff options
| author | Edwin Mons <edwin.mons@isode.com> | 2018-11-09 10:04:04 (GMT) |
|---|---|---|
| committer | Edwin Mons <edwin.mons@isode.com> | 2018-11-14 14:18:08 (GMT) |
| commit | ccad2debbf8d7322c9d2b517763d7b8e3902a828 (patch) | |
| tree | 50054ea69dcf21179920ffdde5790908e48848d8 /Swiften/FileTransfer | |
| parent | c7ad127218e3901e0006e75aa7e1399b449a845e (diff) | |
| download | swift-ccad2debbf8d7322c9d2b517763d7b8e3902a828.zip swift-ccad2debbf8d7322c9d2b517763d7b8e3902a828.tar.bz2 | |
Address bad_numeric_casts for filetransfers
The filetransfer blockSize is now an unsigned integer, as 0 could be
used to denote an invalid block size as well (and indeed, already
indicated that better than -1 did).
All use of numeric_cast in filetransfer code has been fixed to deal with
the possibility of thrown exceptions.
Test-Information:
Unit tests pass on macOS and Debian
Change-Id: I1833d553bae071238be20ebc386ef602effb78b0
Diffstat (limited to 'Swiften/FileTransfer')
| -rw-r--r-- | Swiften/FileTransfer/ByteArrayReadBytestream.cpp | 22 | ||||
| -rw-r--r-- | Swiften/FileTransfer/IBBSendSession.cpp | 4 | ||||
| -rw-r--r-- | Swiften/FileTransfer/SOCKS5BytestreamServerSession.cpp | 11 | ||||
| -rw-r--r-- | Swiften/FileTransfer/UnitTest/IBBSendSessionTest.cpp | 4 |
4 files changed, 27 insertions, 14 deletions
diff --git a/Swiften/FileTransfer/ByteArrayReadBytestream.cpp b/Swiften/FileTransfer/ByteArrayReadBytestream.cpp index cd9fa4a..3fdff27 100644 --- a/Swiften/FileTransfer/ByteArrayReadBytestream.cpp +++ b/Swiften/FileTransfer/ByteArrayReadBytestream.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2016 Isode Limited. + * Copyright (c) 2010-2018 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ @@ -19,13 +19,19 @@ std::shared_ptr<ByteArray> ByteArrayReadBytestream::read(size_t size) { if (position + readSize > data.size()) { readSize = data.size() - position; } - std::shared_ptr<ByteArray> result = std::make_shared<ByteArray>( - data.begin() + boost::numeric_cast<long long>(position), - data.begin() + boost::numeric_cast<long long>(position) + boost::numeric_cast<long long>(readSize)); - - onRead(*result); - position += readSize; - return result; + try { + std::shared_ptr<ByteArray> result = std::make_shared<ByteArray>( + data.begin() + boost::numeric_cast<long long>(position), + data.begin() + boost::numeric_cast<long long>(position) + boost::numeric_cast<long long>(readSize)); + onRead(*result); + position += readSize; + return result; + } + catch (const boost::numeric::bad_numeric_cast&) { + // If we cannot cast to long long, we probably ran out of memory long ago + assert(false); + return {}; + } } void ByteArrayReadBytestream::addData(const std::vector<unsigned char>& moreData) { diff --git a/Swiften/FileTransfer/IBBSendSession.cpp b/Swiften/FileTransfer/IBBSendSession.cpp index e51c91c..258412b 100644 --- a/Swiften/FileTransfer/IBBSendSession.cpp +++ b/Swiften/FileTransfer/IBBSendSession.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2016 Isode Limited. + * Copyright (c) 2010-2018 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ @@ -40,7 +40,7 @@ IBBSendSession::~IBBSendSession() { void IBBSendSession::start() { IBBRequest::ref request = IBBRequest::create( - from, to, IBB::createIBBOpen(id, boost::numeric_cast<int>(blockSize)), router); + from, to, IBB::createIBBOpen(id, blockSize), router); request->onResponse.connect(boost::bind(&IBBSendSession::handleIBBResponse, this, _1, _2)); active = true; request->send(); diff --git a/Swiften/FileTransfer/SOCKS5BytestreamServerSession.cpp b/Swiften/FileTransfer/SOCKS5BytestreamServerSession.cpp index bc4e8e4..0fd40bf 100644 --- a/Swiften/FileTransfer/SOCKS5BytestreamServerSession.cpp +++ b/Swiften/FileTransfer/SOCKS5BytestreamServerSession.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2016 Isode Limited. + * Copyright (c) 2010-2018 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ @@ -138,7 +138,14 @@ void SOCKS5BytestreamServerSession::process() { SafeByteArray result = createSafeByteArray("\x05", 1); result.push_back(hasBytestream ? 0x0 : 0x4); append(result, createByteArray("\x00\x03", 2)); - result.push_back(boost::numeric_cast<unsigned char>(requestID.size())); + try { + result.push_back(boost::numeric_cast<unsigned char>(requestID.size())); + } + catch (const boost::numeric::bad_numeric_cast& e) { + SWIFT_LOG(warning) << "SOCKS5 request ID is too long (" << requestID.size() << "): " << e.what() << std::endl; + finish(); + return; + } append(result, concat(requestID, createByteArray("\x00\x00", 2))); if (!hasBytestream) { SWIFT_LOG(debug) << "Readstream or Wrtiestream with ID " << streamID << " not found!" << std::endl; diff --git a/Swiften/FileTransfer/UnitTest/IBBSendSessionTest.cpp b/Swiften/FileTransfer/UnitTest/IBBSendSessionTest.cpp index f9057f8..2399cbe 100644 --- a/Swiften/FileTransfer/UnitTest/IBBSendSessionTest.cpp +++ b/Swiften/FileTransfer/UnitTest/IBBSendSessionTest.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2016 Isode Limited. + * Copyright (c) 2010-2018 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ @@ -58,7 +58,7 @@ class IBBSendSessionTest : public CppUnit::TestFixture { CPPUNIT_ASSERT(stanzaChannel->isRequestAtIndex<IBB>(0, JID("foo@bar.com/baz"), IQ::Set)); IBB::ref ibb = stanzaChannel->sentStanzas[0]->getPayload<IBB>(); CPPUNIT_ASSERT_EQUAL(IBB::Open, ibb->getAction()); - CPPUNIT_ASSERT_EQUAL(1234, ibb->getBlockSize()); + CPPUNIT_ASSERT_EQUAL(1234u, ibb->getBlockSize()); CPPUNIT_ASSERT_EQUAL(std::string("myid"), ibb->getStreamID()); } |