[PATCH spice-server 14/23] websocket: Avoid possible server crash using websockets

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Currently code don't handle if system can't sent the
header in a single write command.
Don't cause abort but just close the connection.

Signed-off-by: Frediano Ziglio <fziglio@xxxxxxxxxx>
---
 server/websocket.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/server/websocket.c b/server/websocket.c
index dda71f768..6f1581f9c 100644
--- a/server/websocket.c
+++ b/server/websocket.c
@@ -439,7 +439,12 @@ int websocket_writev(RedsWebSocket *ws, const struct iovec *iov, int iovcnt)
     }
     rc -= header_len;
 
-    spice_assert(rc >= 0);
+    /* TODO this in theory can happen if we can't write the header */
+    if (SPICE_UNLIKELY(rc < 0)) {
+        ws->closed = true;
+        errno = EPIPE;
+        return -1;
+    }
 
     /* Key point:  if we did not write out all the data, remember how
        much more data the client is expecting, and write that data without
-- 
2.20.1

_______________________________________________
Spice-devel mailing list
Spice-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/spice-devel




[Index of Archives]     [Linux Virtualization]     [Linux Virtualization]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]     [Monitors]