From 76e93874676705054d0a2a9bc3fd54a45b87b10a Mon Sep 17 00:00:00 2001
From: csoler
Date: Sun, 26 Apr 2020 14:19:44 +0200
Subject: [PATCH] fixed deserialiser for rawWrapper causing crashes when wrapper memory is not initialized properly by the client
---
 .../src/serialiser/rstypeserializer.cc | 26 +++++++++++--------
 1 file changed, 15 insertions(+), 11 deletions(-)
diff --git a/libretroshare/src/serialiser/rstypeserializer.cc b/libretroshare/src/serialiser/rstypeserializer.cc
index 0144201b4..8e029e3dd 100644
--- a/libretroshare/src/serialiser/rstypeserializer.cc
+++ b/libretroshare/src/serialiser/rstypeserializer.cc
@@ -543,10 +543,16 @@ void RsTypeSerializer::RawMemoryWrapper::serial_process(
  break;
  case RsGenericSerializer::DESERIALIZE:
  {
+ // In case first,second is not properly initialized, we set them to nullptr,0
+ first = nullptr;
+ second = 0;
+
  uint32_t serialSize = 0;
  RS_SERIAL_PROCESS(serialSize);
+ if(!ctx.mOk) break;
- ctx.mOk = serialSize <= MAX_SERIALIZED_CHUNK_SIZE;
+ ctx.mOk = (serialSize <= MAX_SERIALIZED_CHUNK_SIZE);
+
  if(!ctx.mOk)
  {
  RsErr() << __PRETTY_FUNCTION__
@@ -565,25 +571,23 @@ void RsTypeSerializer::RawMemoryWrapper::serial_process(
  break;
  }
- ctx.mOk = ctx.mSize >= ctx.mOffset + serialSize;
+ ctx.mOk = (ctx.mSize >= ctx.mOffset + serialSize);
+
  if(!ctx.mOk)
  {
- RsErr() << __PRETTY_FUNCTION__ << std::errc::no_buffer_space
- << std::endl;
+ RsErr() << __PRETTY_FUNCTION__ << std::errc::no_buffer_space << std::endl;
  print_stacktrace();
  clear();
  break;
  }
- if(serialSize != second)
- {
- first = reinterpret_cast(realloc(first, serialSize));
- second = serialSize;
- }
+ first = reinterpret_cast(malloc(serialSize));
+ second = serialSize;
+
+ memcpy(first, ctx.mData + ctx.mOffset, serialSize);
+ ctx.mOffset += serialSize;
- memcpy(first, ctx.mData + ctx.mOffset, second);
- ctx.mOffset += second;
  break;
  }
  case RsGenericSerializer::PRINT: break;
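Review bot: The result of the new `malloc(serialSize)` call in the second hunk is never checked before `memcpy(first, ctx.mData + ctx.mOffset, serialSize);`, so an allocation failure still dereferences a null pointer — the same crash class this commit sets out to remove — and `malloc(0)` is allowed to return null, which the same `memcpy` then receives for a zero-length chunk. A guard in the style of the surrounding error branches, `if(!first && serialSize) { ctx.mOk = false; second = 0; break; }` (reporting through `RsErr()` and `print_stacktrace()` like the checks above it) followed by `if(serialSize) memcpy(first, ctx.mData + ctx.mOffset, serialSize);`, keeps both cases out of the copy. Separately, the first hunk's `first = nullptr; second = 0;` reset discards whatever the wrapper pointed at on entry, and the removed `realloc(first, serialSize)` path suggests the wrapper previously reused an owned buffer, so a caller that deserialises into the same wrapper repeatedly may now leak the earlier allocation each time; since the pointer cannot be trusted on entry this is probably intended, but the new comment should say so, e.g. `// Any buffer referenced by first/second on entry is dropped, never freed: the caller must not pass an owned allocation here`. `RawMemoryWrapper::serial_process` begins and ends outside both hunks.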