[Spice-devel] [PATCH spice-xpi] Validate port values
Marc-André Lureau
mlureau at redhat.com
Tue Apr 3 07:40:23 PDT 2012
----- Mensaje original -----
> On Tue, Apr 03, 2012 at 03:56:12PM +0200, Peter Hatina wrote:
> > On 04/03/2012 03:39 PM, Marc-André Lureau wrote:
> > >
> > >
> > > ----- Mensaje original -----
> > >>
> > >> void nsPluginInstance::Connect()
> > >> {
> > >> + const int port = portToInt(m_port);
> > >> + const int sport = portToInt(m_secure_port);
> > >> +
> > >> + if (port < 0)
> > >> + LOG_ERROR("invalid port: " << m_port);
> > >> + if (sport < 0)
> > >> + LOG_ERROR("invalid secure port: " << m_secure_port);
> > >> + if (port < 0 && sport < 0)
> > >> + return;
> > >
> > > Do we really want to proceed if any of the value is incorrect? I
> > > would say no.
> >
> > You mean, when there is one of the values valid and the other
> > invalid?
> > That's what I was asking on #spice. I do not know, if
> > spicec/virt-viewer
> > can work only with secure port. With unencrypted port, it works.
> >
> > Can anyone competent tell me, if to stop or not?
> >
>
> Marc-Andre, I think it's valid to proceed with a single port as long
> as
> the channels are only allocated to the valid port. Besides, -1 is not
> invalid, it just means "don't open this port".
Yeah, that's why I would not error out if port is in range [-1..65535], as said in previous patch review: this is not an invalid argument, iiuc.
More information about the Spice-devel
mailing list