From d080cb1ed80a0e528b2b755ee48ca18cb670175e Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Sun, 20 May 2018 23:40:20 +0200
Subject: check return values from GNSRECORD_record_serialize/size always
---
 src/namestore/namestore_api.c | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)
(limited to 'src/namestore/namestore_api.c')
diff --git a/src/namestore/namestore_api.c b/src/namestore/namestore_api.c
index 57bf8f81b..f2aaa43c8 100644
--- a/src/namestore/namestore_api.c
+++ b/src/namestore/namestore_api.c
@@ -1033,7 +1033,7 @@ GNUNET_NAMESTORE_records_store (struct GNUNET_NAMESTORE_Handle *h,
 struct GNUNET_MQ_Envelope *env;
 char *name_tmp;
 char *rd_ser;
- size_t rd_ser_len;
+ ssize_t rd_ser_len;
 size_t name_len;
 uint32_t rid;
 struct RecordStoreMessage *msg;
@@ -1045,6 +1045,18 @@ GNUNET_NAMESTORE_records_store (struct GNUNET_NAMESTORE_Handle *h,
 GNUNET_break (0);
 return NULL;
 }
+ rd_ser_len = GNUNET_GNSRECORD_records_get_size (rd_count,
+ rd);
+ if (rd_ser_len < 0)
+ {
+ GNUNET_break (0);
+ return NULL;
+ }
+ if (rd_ser_len > UINT16_MAX)
+ {
+ GNUNET_break (0);
+ return NULL;
+ }
 rid = get_op_id (h);
 qe = GNUNET_new (struct GNUNET_NAMESTORE_QueueEntry);
 qe->h = h;
@@ -1056,8 +1068,6 @@ GNUNET_NAMESTORE_records_store (struct GNUNET_NAMESTORE_Handle *h,
 qe);
 /* setup msg */
- rd_ser_len = GNUNET_GNSRECORD_records_get_size (rd_count,
- rd);
 env = GNUNET_MQ_msg_extra (msg,
 name_len + rd_ser_len,
 GNUNET_MESSAGE_TYPE_NAMESTORE_RECORD_STORE);
@@ -1077,8 +1087,10 @@ GNUNET_NAMESTORE_records_store (struct GNUNET_NAMESTORE_Handle *h,
 rd,
 rd_ser_len,
 rd_ser);
- if (0 > sret)
+ if ( (0 > sret) ||
+ (sret != rd_ser_len) )
 {
+ GNUNET_break (0);
 GNUNET_free (env);
 return NULL;
 }
-- cgit v1.2.3
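Review bot: The new `rd_ser_len > UINT16_MAX` check in the second hunk (`@@ -1045,6 +1045,18 @@`) bounds the serialized records alone, but the envelope requested in the next hunk is sized `name_len + rd_ser_len` on top of the fixed `struct RecordStoreMessage`. If the message length field is 16 bits, as the choice of UINT16_MAX suggests, a record set just under the limit plus a non-empty name could still ask for more than one message can carry. Bounding the sum would close that gap, for example `if (sizeof (struct RecordStoreMessage) + name_len + (size_t) rd_ser_len > UINT16_MAX)`, or a comparison against the project's maximum-message-size constant if it has one. The `name_len` check sits above the hunk, so its limit is not visible here and should be confirmed in the full function.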
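Review bot: The failure branch in the last hunk (`@@ -1077,8 +1087,10 @@`) releases only `env`, while `qe` was allocated with `GNUNET_new` earlier in the function and, judging by the `qe);` call tail that opens the third hunk, has already been registered with the handle. Returning NULL at this point would then leave the queue entry allocated and still linked, and the caller gets no handle with which to cancel it. Moving the size check ahead of the `qe` allocation fixed this for the size error, but the serialize error still occurs after registration. Either serialize into a buffer before `qe` is created, or unlink and free `qe` on this path next to `GNUNET_free (env);`. The registration call itself lies outside the hunks and should be confirmed in the full file.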