From a337808fa4eb4d47aa2078b86705beceeb8495f1 Mon Sep 17 00:00:00 2001
From: Jonathon Jongsma
Date: Thu, 30 Nov 2017 11:53:01 -0600
Subject: [PATCH] StreamDevice: assert preconditions in parsing functions
Be a bit more defensive about handling incoming messages from the stream device. This also makes these functions consistent with handle_msg_format(). These assertions are only enabled if ENABLE_EXTRA_CHECKS is defined.
Signed-off-by: Jonathon Jongsma
Acked-by: Frediano Ziglio
---
 server/stream-device.c | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/server/stream-device.c b/server/stream-device.c
index a004899f..4eaa959b 100644
--- a/server/stream-device.c
+++ b/server/stream-device.c
@@ -131,6 +131,10 @@ handle_msg_invalid(StreamDevice *dev, SpiceCharDeviceInstance *sin, const char *
 {
 static const char default_error_msg[] = "Protocol error";
 
+ if (ENABLE_EXTRA_CHECKS) {
+ spice_assert(dev->hdr_pos >= sizeof(StreamDevHeader));
+ }
+
 if (!error_msg) {
 error_msg = default_error_msg;
 }
@@ -164,8 +168,10 @@ handle_msg_format(StreamDevice *dev, SpiceCharDeviceInstance *sin)
 {
 SpiceCharDeviceInterface *sif = spice_char_device_get_interface(sin);
 
- spice_assert(dev->hdr_pos >= sizeof(StreamDevHeader));
- spice_assert(dev->hdr.type == STREAM_TYPE_FORMAT);
+ if (ENABLE_EXTRA_CHECKS) {
+ spice_assert(dev->hdr_pos >= sizeof(StreamDevHeader));
+ spice_assert(dev->hdr.type == STREAM_TYPE_FORMAT);
+ }
 
 int n = sif->read(sin, dev->msg.buf + dev->msg_pos, sizeof(StreamMsgFormat) - dev->msg_pos);
 if (n < 0) {
@@ -190,6 +196,11 @@ handle_msg_data(StreamDevice *dev, SpiceCharDeviceInstance *sin)
 SpiceCharDeviceInterface *sif = spice_char_device_get_interface(sin);
 int n;
 
+ if (ENABLE_EXTRA_CHECKS) {
+ spice_assert(dev->hdr_pos >= sizeof(StreamDevHeader));
+ spice_assert(dev->hdr.type == STREAM_TYPE_DATA);
+ }
+
 while (1) {
 uint8_t buf[16 * 1024];
 n = sif->read(sin, buf, sizeof(buf));
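Review bot: The new `spice_assert(dev->hdr_pos >= sizeof(StreamDevHeader))` at the top of handle_msg_invalid() is compiled in only when ENABLE_EXTRA_CHECKS is set, so ordinary builds get no check at this point, and the same holds for the guarded blocks added in handle_msg_format() and handle_msg_data(). Because the header fields are filled from what the stream device sends, a short comment above each block should say where the invariant is actually enforced, for example `/* Invariant established by the caller once a full header has been read; verified only in extra-checks builds. */`. Whether the caller really guarantees this is not visible in these hunks, so that wording needs confirming against the dispatch code. All three function bodies continue outside their hunks.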
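Review bot: In handle_msg_format() the two assertions were unconditional before this change and are now skipped in builds without ENABLE_EXTRA_CHECKS, while the read length on the line that follows, `sizeof(StreamMsgFormat) - dev->msg_pos`, has no bound check of its own. If msg_pos could ever exceed sizeof(StreamMsgFormat), the subtraction would presumably wrap to a very large length for the read into dev->msg.buf; the hunk does not show whether msg_pos is bounded elsewhere. Adding `spice_assert(dev->msg_pos <= sizeof(StreamMsgFormat));` inside the new block would document the assumption, and a runtime guard that routes to handle_msg_invalid() would be the safer choice if that state can be influenced by the device. The function body continues past the end of the hunk.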