[Spice-devel] [PATCH spice-server v2 1/3] Dispatcher: validate received message types

Tue Sep 5 18:51:03 UTC 2017

Although dispatcher_send_message() does not allow you to send a message
type that is invalid for a dispatcher, it still makes sense to verify
that the type is valid in the receiver. This should only be possible in
the case of some severe problem such as memory corruption, so if it is
invalid, we simply abort.

Signed-off-by: Jonathon Jongsma <jjongsma at redhat.com>
---
 server/dispatcher.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/server/dispatcher.c b/server/dispatcher.c
index 4e03ea046..6f2c4d85e 100644
--- a/server/dispatcher.c
+++ b/server/dispatcher.c
@@ -285,6 +285,10 @@ static int dispatcher_handle_single_read(Dispatcher *dispatcher)
         /* no messsage */
         return 0;
     }
+    if (type >= dispatcher->priv->max_message_type) {
+        spice_error("Invalid message type for this dispatcher: %u", type);
+        return 0;
+    }
     msg = &dispatcher->priv->messages[type];
     if (read_safe(dispatcher->priv->recv_fd, payload, msg->size, 1) == -1) {
         spice_printerr("error reading from dispatcher: %d", errno);
-- 
2.13.3

