Skip to content

Commit

Permalink
Perform bounds checking for SG protocol queries.
Browse files Browse the repository at this point in the history 
Verify that we receive the expected number of arguments for
QUERY_SG_FILEQUERY and QUERY_SG_GETFILELIST, to prevent a Qt assert from
taking down the backend due to invalid network commands.

I didn't do an exhaustive search, just happened to notice these as I was
trying to figure out how these 2 commands work.
  • Loading branch information
@sphery
sphery committed Feb 1, 2011
1 parent 8195d9c commit 1632811
Showing 1 changed file with 20 additions and 2 deletions.
22 changes: 20 additions & 2 deletions mythtv/programs/mythbackend/mainserver.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3080,13 +3080,22 @@ void MainServer::HandleSGGetFileList(QStringList &sList,
PlaybackSock *pbs)
{
MythSocket *pbssock = pbs->getSocket();
QStringList strList;

if ((sList.size() < 4) || (sList.size() > 5))
{
VERBOSE(VB_IMPORTANT, QString("HandleSGGetFileList: Invalid Request. "
"%1").arg(sList.join("[]:[]")));
strList << "EMPTY LIST";
SendResponse(pbssock, strList);
return;
}

QString host = gCoreContext->GetHostName();
QString wantHost = sList.at(1);
QString groupname = sList.at(2);
QString path = sList.at(3);
bool fileNamesOnly = false;
QStringList strList;

if (sList.size() >= 5)
fileNamesOnly = sList.at(4).toInt();
Expand Down Expand Up @@ -3137,11 +3146,20 @@ void MainServer::HandleSGFileQuery(QStringList &sList,
PlaybackSock *pbs)
{
MythSocket *pbssock = pbs->getSocket();
QStringList strList;

if (sList.size() != 4)
{
VERBOSE(VB_IMPORTANT, QString("HandleSGFileQuery: Invalid Request. %1")
.arg(sList.join("[]:[]")));
strList << "EMPTY LIST";
SendResponse(pbssock, strList);
return;
}

QString wantHost = sList.at(1);
QString groupname = sList.at(2);
QString filename = sList.at(3);
QStringList strList;

bool slaveUnreachable = false;

Expand Down

0 comments on commit 1632811

Please sign in to comment.