summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorlouiz’ <louiz@louiz.org>2017-05-09 15:46:20 +0200
committerlouiz’ <louiz@louiz.org>2017-05-09 15:46:20 +0200
commitf7e4adb10bff1c278a8543b230b10881ff3799fa (patch)
tree3b78a631533ad71b2c76f33081bad98fccc79753
parentc046d2ea984a3a5e4069604dc4f61c2f9e60ca44 (diff)
downloadbiboumi-f7e4adb10bff1c278a8543b230b10881ff3799fa.tar.gz
biboumi-f7e4adb10bff1c278a8543b230b10881ff3799fa.tar.bz2
biboumi-f7e4adb10bff1c278a8543b230b10881ff3799fa.tar.xz
biboumi-f7e4adb10bff1c278a8543b230b10881ff3799fa.zip
Avoid any potential int overflow
-rw-r--r--src/network/poller.cpp6
-rw-r--r--src/network/tcp_socket_handler.cpp5
-rw-r--r--src/xmpp/xmpp_component.cpp7
3 files changed, 13 insertions, 5 deletions
diff --git a/src/network/poller.cpp b/src/network/poller.cpp
index ca49180..0f02cc5 100644
--- a/src/network/poller.cpp
+++ b/src/network/poller.cpp
@@ -200,7 +200,11 @@ int Poller::poll(const std::chrono::milliseconds& timeout)
// Unblock all signals, only during the epoll_pwait call
sigset_t empty_signal_set{};
sigemptyset(&empty_signal_set);
- const int nb_events = ::epoll_pwait(this->epfd, revents, max_events, timeout.count(),
+
+ int real_timeout = std::numeric_limits<int>::max();
+ if (timeout.count() < real_timeout) // Just avoid any potential int overflow
+ real_timeout = static_cast<int>(timeout.count());
+ const int nb_events = ::epoll_pwait(this->epfd, revents, max_events, real_timeout,
&empty_signal_set);
if (nb_events == -1)
{
diff --git a/src/network/tcp_socket_handler.cpp b/src/network/tcp_socket_handler.cpp
index 1bd5315..1049375 100644
--- a/src/network/tcp_socket_handler.cpp
+++ b/src/network/tcp_socket_handler.cpp
@@ -227,9 +227,10 @@ void TCPSocketHandler::consume_in_buffer(const std::size_t size)
}
#ifdef BOTAN_FOUND
-void TCPSocketHandler::start_tls(const std::string& address, const std::string& port)
+void TCPSocketHandler::start_tls(const std::string& address, const std::string& port_string)
{
- Botan::TLS::Server_Information server_info(address, "irc", std::stoul(port));
+ auto port = std::min(std::stoul(port_string), static_cast<unsigned long>(std::numeric_limits<uint16_t>::max()));
+ Botan::TLS::Server_Information server_info(address, "irc", static_cast<uint16_t>(port));
auto policy_directory = Config::get("policy_directory", utils::dirname(Config::get_filename()));
if (!policy_directory.empty() && policy_directory[policy_directory.size()-1] != '/')
policy_directory += '/';
diff --git a/src/xmpp/xmpp_component.cpp b/src/xmpp/xmpp_component.cpp
index 35abbee..b138ed9 100644
--- a/src/xmpp/xmpp_component.cpp
+++ b/src/xmpp/xmpp_component.cpp
@@ -112,17 +112,20 @@ void XmppComponent::on_connection_close(const std::string& error)
void XmppComponent::parse_in_buffer(const size_t size)
{
+ // in_buf.size, or size, cannot be bigger than our read-size (4096) so it’s safe
+ // to cast.
+
if (!this->in_buf.empty())
{ // This may happen if the parser could not allocate enough space for
// us. We try to feed it the data that was read into our in_buf
// instead. If this fails again we are in trouble.
- this->parser.feed(this->in_buf.data(), this->in_buf.size(), false);
+ this->parser.feed(this->in_buf.data(), static_cast<int>(this->in_buf.size()), false);
this->in_buf.clear();
}
else
{ // Just tell the parser to parse the data that was placed into the
// buffer it provided to us with GetBuffer
- this->parser.parse(size, false);
+ this->parser.parse(static_cast<int>(size), false);
}
}