Author: nevans
Date: 2008-02-25 15:25:21 -0700 (Mon, 25 Feb 2008)
New Revision: 6460
Modified:
GNUnet/src/applications/chat/chat.c
GNUnet/src/applications/chat/clientapi.c
Log:
Modified: GNUnet/src/applications/chat/chat.c
===================================================================
--- GNUnet/src/applications/chat/chat.c 2008-02-25 21:54:01 UTC (rev 6459)
+++ GNUnet/src/applications/chat/chat.c 2008-02-25 22:25:21 UTC (rev 6460)
@@ -35,14 +35,10 @@
static GNUNET_CoreAPIForPlugins *coreAPI;
-#define MAX_LAST_MESSAGES 12
-
static struct GNUNET_Mutex *chatMutex;
static struct GNUNET_GE_Context *ectx;
-static struct GNUNET_GC_Configuration *cfg;
-
struct GNUNET_CS_chat_client
{
struct GNUNET_ClientHandle *client;
@@ -87,11 +83,16 @@
msg_len = ntohl (cmsg->msg_len);
room_name_len = ntohl (cmsg->room_name_len);
+ if (header_size < (nick_len + msg_len + room_name_len))
+ {
+ GNUNET_GE_BREAK (NULL, 0);
+ return GNUNET_SYSERR; /* invalid message */
+ }
+
nick = GNUNET_malloc (nick_len + 1);
message_content = GNUNET_malloc (msg_len + 1);
room_name = GNUNET_malloc (room_name_len + 1);
- /* BUFFER OVERFLOWS! */
memcpy (nick, &cmsg->nick[0], nick_len);
memcpy (message_content, &cmsg->nick[nick_len], msg_len);
memcpy (room_name, &cmsg->nick[nick_len + msg_len], room_name_len);
@@ -168,16 +169,22 @@
return GNUNET_SYSERR; /* invalid message */
}
+
header_size = ntohs (cmsg->header.size);
nick_len = ntohl (cmsg->nick_len);
pubkey_len = ntohl (cmsg->pubkey_len);
room_name_len = ntohl (cmsg->room_name_len);
+ if (header_size < (nick_len + pubkey_len + room_name_len))
+ {
+ GNUNET_GE_BREAK (NULL, 0);
+ return GNUNET_SYSERR; /* invalid message */
+ }
+
nick = GNUNET_malloc (nick_len + 1);
client_key = GNUNET_malloc (sizeof (GNUNET_RSA_PublicKey));
room_name = GNUNET_malloc (room_name_len + 1);
- /* BUFFER OVERFLOWS */
memcpy (nick, &cmsg->nick[0], nick_len);
memcpy (client_key, &cmsg->nick[nick_len], pubkey_len);
memcpy (room_name, &cmsg->nick[nick_len + pubkey_len], room_name_len);
@@ -196,7 +203,7 @@
/*TODO: create client context on the server, very simple as of now */
#if EXTRA_CHECKS
tempClient = client_list;
- while ((tempClient->client != client) && (tempClient != NULL))
+ while ((tempClient != NULL) && (tempClient->client != client))
tempClient = tempClient->next;
if (tempClient != NULL)
{
@@ -228,36 +235,6 @@
fprintf (stderr, "Number of clients currently is... %d\n", tempCount);
- /* forward to all other TCP chat clients */
- /* marker to check if this is a new client */
- /*
- j = -1;
- for (i = 0; i < clientCount; i++)
- if (clients[i] == client)
- j = i;
- else
- coreAPI->cs_send_to_client (clients[i], message, GNUNET_YES);
- if (j == -1)
- {
- if (clientCount == MAX_CLIENTS)
- GNUNET_GE_LOG (ectx,
- GNUNET_GE_WARNING | GNUNET_GE_BULK | GNUNET_GE_USER,
- _("Maximum number of chat clients reached.\n"));
- else
- {
- GNUNET_array_grow (clients, clientCount, clientCount + 1);
- clients[clientCount] = client;
- ++clientCount;
- GNUNET_GE_LOG (ectx,
- GNUNET_GE_DEBUG | GNUNET_GE_REQUEST | GNUNET_GE_USER,
- _("Now %d of %d chat clients at this node.\n"),
- clientCount, MAX_CLIENTS);
- }
- }
- */
-
- /* forward to all other nodes in the network */
-
GNUNET_free (nick);
GNUNET_free (client_key);
GNUNET_free (room_name);
@@ -272,22 +249,16 @@
chatClientExitHandler (struct GNUNET_ClientHandle *client)
{
int tempCount;
-
struct GNUNET_CS_chat_client *tempClient;
struct GNUNET_CS_chat_client *pos;
struct GNUNET_CS_chat_client *prev;
- /*client_key = GNUNET_malloc (sizeof (GNUNET_RSA_PublicKey));
- memcpy (client_key, &cmsg->nick[nick_len], pubkey_len); */
-
GNUNET_GE_LOG (ectx,
GNUNET_GE_DEBUG | GNUNET_GE_REQUEST | GNUNET_GE_DEVELOPER,
"Received leave chat room message from client.\n");
-
GNUNET_mutex_lock (chatMutex);
- /*TODO: delete client context on the server */
pos = client_list_head;
prev = NULL;
while ((pos != NULL) && (pos->client != client))
@@ -315,10 +286,9 @@
tempClient = tempClient->next;
}
fprintf (stderr, "Number of clients currently is... %d\n", tempCount);
+ /*End of client count code */
-
GNUNET_mutex_unlock (chatMutex);
- fprintf (stderr, "End of handleChatLeave\n");
return;
}
Modified: GNUnet/src/applications/chat/clientapi.c
===================================================================
--- GNUnet/src/applications/chat/clientapi.c 2008-02-25 21:54:01 UTC (rev
6459)
+++ GNUnet/src/applications/chat/clientapi.c 2008-02-25 22:25:21 UTC (rev
6460)
@@ -100,6 +100,12 @@
/* NO NEED TO SEND ROOM! */
room_name_len = ntohl (received_msg->room_name_len);
+ if (size < (nick_len + msg_len + room_name_len))
+ {
+ GNUNET_GE_BREAK (NULL, 0);
+ return GNUNET_SYSERR; /* invalid message */
+ }
+
nick = GNUNET_malloc (nick_len + 1);
message_content = GNUNET_malloc (msg_len + 1);
room_name = GNUNET_malloc (room_name_len + 1);
_______________________________________________
GNUnet-SVN mailing list
GNUnet-SVN@gnu.org
http://lists.gnu.org/mailman/listinfo/gnunet-svn
