Merge pull request from GHSA-chfm-333q-gfpp

Attempts to fis DoS to servers with less then 4GB memory
symless · Jul 14, 2020 · 0a97c2b · 0a97c2b
2 parents 9f71011 + bdd36c3
commit 0a97c2b
Showing 1 changed file with 12 additions and 1 deletion.
diff --git a/src/lib/synergy/ProtocolUtil.cpp b/src/lib/synergy/ProtocolUtil.cpp
@@ -61,6 +61,9 @@ ProtocolUtil::readf(synergy::IStream* stream, const char* fmt, ...)
     catch (XIO&) {
         result = false;
     }
+    catch (std::bad_alloc & exception) {
+        result = false;
+    }
     va_end(args);
     return result;
 }
@@ -216,7 +219,15 @@ ProtocolUtil::vreadf(synergy::IStream* stream, const char* fmt, va_list args)
                 // allocate a buffer to read the data
                 UInt8* sBuffer = buffer;
                 if (!useFixed) {
-                    sBuffer = new UInt8[len];
+                    try{
+                        sBuffer = new UInt8[len];
+                    }
+                    catch (std::bad_alloc & exception) {
+                        // Added try catch due to GHSA-chfm-333q-gfpp
+                        LOG((CLOG_ERR "ALLOC: Unable to allocate memory %d bytes", len));
+                        LOG((CLOG_DEBUG "bad_alloc detected: Do you have enough free memory?"));
+                        throw exception;
+                    }
                 }
 
                 // read the data