|
 |
95e694 |
From 5aaaa5bd91261a6b61fcaa75585f8446b9eeb036 Mon Sep 17 00:00:00 2001
|
|
|
95e694 |
From: Uri Lublin <uril@redhat.com>
|
|
|
95e694 |
Date: Tue, 31 Jul 2018 16:18:15 +0300
|
|
|
95e694 |
Subject: [PATCH 1/4] start streaming: check num_codecs
|
|
|
95e694 |
|
|
|
95e694 |
The server sends StreamMsgStartStop to tell spice-streaming-agent
|
|
|
95e694 |
to start streaming and a list of available codecs.
|
|
|
95e694 |
|
|
|
95e694 |
The first uint8_t is the number of codecs.
|
|
|
95e694 |
Each following uint8_t is a codec.
|
|
|
95e694 |
|
|
|
95e694 |
This patch checks that the number of codecs in the message, as
|
|
|
95e694 |
reported by the server, is not too large.
|
|
|
95e694 |
---
|
|
|
95e694 |
src/spice-streaming-agent.cpp | 5 +++++
|
|
|
95e694 |
1 file changed, 5 insertions(+)
|
|
|
95e694 |
|
|
|
95e694 |
diff --git a/src/spice-streaming-agent.cpp b/src/spice-streaming-agent.cpp
|
|
|
95e694 |
index 1121f35..9ebbf5d 100644
|
|
|
95e694 |
--- a/src/spice-streaming-agent.cpp
|
|
|
95e694 |
+++ b/src/spice-streaming-agent.cpp
|
|
|
95e694 |
@@ -95,6 +95,11 @@ static void handle_stream_start_stop(StreamPort &stream_port, uint32_t len)
|
|
|
95e694 |
syslog(LOG_INFO, "GOT START_STOP message -- request to %s streaming\n",
|
|
|
95e694 |
streaming_requested ? "START" : "STOP");
|
|
|
95e694 |
client_codecs.clear();
|
|
|
95e694 |
+ const int mnc = len - 1; /* max num codecs, see struct StreamMsgStartStop */
|
|
|
95e694 |
+ if (msg[0] > mnc) {
|
|
|
95e694 |
+ throw std::runtime_error("num_codecs=" + std::to_string(msg[0]) +
|
|
|
95e694 |
+ " > max_num_codecs=" + std::to_string(mnc));
|
|
|
95e694 |
+ }
|
|
|
95e694 |
for (int i = 1; i <= msg[0]; ++i) {
|
|
|
95e694 |
client_codecs.insert((SpiceVideoCodecType) msg[i]);
|
|
|
95e694 |
}
|
|
|
95e694 |
--
|
|
|
95e694 |
2.17.1
|
|
|
95e694 |
|