[PATCH:lbxproxy] Ensure lbxMaxServers stays within a reasonable range
Kenneth Graunke
kenneth at whitecape.org
Tue Apr 21 23:50:52 PDT 2015
On Thursday, April 16, 2015 10:15:41 PM Alan Coopersmith wrote:
> Avoid opportunity for integer overflow when allocating servers array.
>
> Signed-off-by: Alan Coopersmith <alan.coopersmith at oracle.com>
> ---
> di/utils.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/di/utils.c b/di/utils.c
> index 7f7aa46..752d913 100644
> --- a/di/utils.c
> +++ b/di/utils.c
> @@ -392,7 +392,11 @@ proxyProcessArgument(int argc, char **argv, int i)
> if (strcmp (argv[i], "-maxservers") == 0)
> {
> if (++i < argc)
> + {
> lbxMaxServers = atoi(argv[i]);
> + if (lbxMaxServers <= 0 || lbxMaxServers > 1024)
> + FatalError("out of range value for -maxservers");
> + }
> else
> ShowHelpAndExit (1);
> return 2;
> @@ -449,6 +453,8 @@ ProcessCommandLine(int argc, char *argv[])
> */
> if ((env = getenv ("LBXPROXY_MAXSERVERS")))
> lbxMaxServers = atoi (env);
> + if (lbxMaxServers <= 0 || lbxMaxServers > 1024)
> + FatalError("out of range value for LBXPROXY_MAXSERVERS");
>
> for ( i = 1; i < argc; i++ )
> {
>
Never heard of this software before now :) I read up on it a bit;
it sounds like hardly anyone actually uses it. I expect there are
basically 0 users who want to proxy connections to more than 1024 X
servers at a time. If there are, they should be able to start more
than 1 instance of lbxproxy as a viable workaround. Or they can
submit a patch.
So, for what it's worth,
Reviewed-by: Kenneth Graunke <kenneth at whitecape.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.x.org/archives/xorg-devel/attachments/20150421/3bc4f9bc/attachment.sig>
More information about the xorg-devel
mailing list