summaryrefslogtreecommitdiffstats
path: root/daemon
diff options
context:
space:
mode:
authorGravatar Hector Martin2010-06-13 18:48:27 +0200
committerGravatar Hector Martin2010-06-13 18:48:27 +0200
commit713cfb3d145f9db242138405f16d4ab225e8ba04 (patch)
treedb3230f6e2099f1d5630e8042386fe5fc0067c10 /daemon
parente1da26918aa8eb025cf18216efce61b2b4cf64b8 (diff)
downloadusbmuxd-713cfb3d145f9db242138405f16d4ab225e8ba04.tar.gz
usbmuxd-713cfb3d145f9db242138405f16d4ab225e8ba04.tar.bz2
Abort processing for some client errors (instead of crashing)
Missing 'return' statements caused the code to keep running on a deallocated client, which would cause the server to crash.
Diffstat (limited to 'daemon')
-rw-r--r--daemon/client.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/daemon/client.c b/daemon/client.c
index 80bc0c7..ac1045a 100644
--- a/daemon/client.c
+++ b/daemon/client.c
@@ -520,14 +520,17 @@ static void process_recv(struct mux_client *client)
usbmuxd_log(LL_INFO, "Client %d version mismatch: expected %d, got %d", client->fd, USBMUXD_PROTOCOL_VERSION, hdr->version);
#endif
client_close(client);
+ return;
}
if(hdr->length > client->ib_capacity) {
usbmuxd_log(LL_INFO, "Client %d message is too long (%d bytes)", client->fd, hdr->length);
client_close(client);
+ return;
}
if(hdr->length < sizeof(struct usbmuxd_header)) {
usbmuxd_log(LL_ERROR, "Client %d message is too short (%d bytes)", client->fd, hdr->length);
client_close(client);
+ return;
}
if(client->ib_size < hdr->length) {
if(did_read)