On Thu, May 19, 2016 at 06:38:08PM +0200, Pavel Grunt wrote:
> Related: rhbz#1335239
> ---
> src/spice-uri.c | 8 ++++++--
> tests/test-spice-uri.c | 2 ++
> 2 files changed, 8 insertions(+), 2 deletions(-)
>
> diff --git a/src/spice-uri.c b/src/spice-uri.c
> index b483374..6a43461 100644
> --- a/src/spice-uri.c
> +++ b/src/spice-uri.c
> @@ -165,8 +165,8 @@ gboolean spice_uri_parse(SpiceURI *self, const gchar *_uri, GError **error)
> uri_port = uriv[1];
>
> if (uri_port != NULL) {
> - char *endptr;
> - guint port = strtoul(uri_port, &endptr, 10);
> + gchar *endptr;
> + gint64 port = g_ascii_strtoll(uri_port, &endptr, 10);
Not sure this is 100% related to this change? but why not
> if (*endptr != '\0') {
> g_set_error(error, SPICE_CLIENT_ERROR, SPICE_CLIENT_ERROR_FAILED,
> "Invalid uri port: %s", uri_port);
> @@ -175,6 +175,10 @@ gboolean spice_uri_parse(SpiceURI *self, const gchar *_uri, GError **error)
> g_set_error(error, SPICE_CLIENT_ERROR, SPICE_CLIENT_ERROR_FAILED, "Missing uri port");
> goto end;
> }
> + if (port < 0 || port > 65535) {
> + g_set_error(error, SPICE_CLIENT_ERROR, SPICE_CLIENT_ERROR_FAILED, "Port out of range");
> + goto end;
> + }
I'd check for <= 0
Christophe
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ Spice-devel mailing list Spice-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/spice-devel