starter: Fail sending stroke message if a string exceeds the buffer size
authorMartin Willi <martin@revosec.ch>
Fri, 6 Feb 2015 15:37:09 +0000 (16:37 +0100)
committerMartin Willi <martin@revosec.ch>
Fri, 6 Feb 2015 15:44:27 +0000 (16:44 +0100)
Instead of silently setting the string value to NULL, we fail completely in
sending the message to notify the user.

Fixes #844.

src/starter/starterstroke.c

index 1e305db..6e1f160 100644 (file)
@@ -35,10 +35,16 @@ static char* push_string(stroke_msg_t *msg, char *string)
 {
        unsigned long string_start = msg->length;
 
-       if (string == NULL || msg->length + strlen(string) >= sizeof(stroke_msg_t))
+       if (string == NULL)
        {
                return NULL;
        }
+       else if ((size_t)msg->length + strlen(string) >= sizeof(stroke_msg_t))
+       {
+               /* set invalid length to fail during message send */
+               msg->length = ~0;
+               return NULL;
+       }
        else
        {
                msg->length += strlen(string) + 1;
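Review bot: The poisoned length set in the new `else if` branch is not guaranteed to stay poisoned when push_string() is called again on the same message. The declaration of `msg->length` is not visible here, but if it is as wide as `size_t` (for example on a 32-bit build), `(size_t)msg->length + strlen(string)` wraps for any non-empty string once the length is `~0`. The size check then passes and `msg->length += strlen(string) + 1` wraps back to a small value, so the new guard in send_stroke_msg() would not fire. `string_start` has also been captured as `~0` by then and is presumably used as an offset in the part of the function outside this hunk. Testing the sentinel first avoids this, `if (string == NULL || msg->length > sizeof(stroke_msg_t)) { return NULL; }`, and writing the bound as `strlen(string) >= sizeof(stroke_msg_t) - msg->length` removes the wrapping addition altogether.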
@@ -53,6 +59,12 @@ static int send_stroke_msg (stroke_msg_t *msg)
        char *uri, buffer[64];
        int count;
 
+       if (msg->length > sizeof(stroke_msg_t))
+       {
+               DBG1(DBG_APP, "stroke message exceeds buffer size");
+               return -1;
+       }
+
        /* starter is not called from commandline, and therefore absolutely silent */
        msg->output_verbosity = -1;
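Review bot: The message logged by the new guard does not say which string was too long, and by this point `msg->length` holds only the `~0` sentinel, so nothing more specific can be reported from here. Since the commit's stated aim is to notify the user, a log line where the overflow is detected in push_string() would help more, for example `DBG1(DBG_APP, "string of %u bytes does not fit into stroke message", (unsigned)strlen(string));`. Whether callers act on the `-1` return cannot be seen from this hunk, and send_stroke_msg() continues outside it.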