Bug 222012. Fix for Security Audit 5.1.2

This commit is contained in:
Jim Norman 2007-05-08 18:05:41 +00:00
parent 3d569e7a9c
commit e597b7ab23
2 changed files with 22 additions and 12 deletions

View File

@ -1,3 +1,8 @@
-------------------------------------------------------------------
Tue May 8 12:01:24 MDT 2007 - jnorman@novell.com
- Bug 222012. Fix for security audit 5.1.2
-------------------------------------------------------------------
Wed May 2 11:59:20 MDT 2007 - jnorman@novell.com

View File

@ -94,12 +94,6 @@ namespace Novell.CASA.MiCasa.Communication
* allocate.
*/
byte[] msgIdBytes = new byte[2];
bytesRecvd = mSocket.Receive(msgIdBytes);
if (0 == bytesRecvd)
{
return null;
}
byte[] msgLenBytes = new byte[4];
bytesRecvd = mSocket.Receive(msgLenBytes);
if (0 == bytesRecvd)
@ -108,6 +102,14 @@ namespace Novell.CASA.MiCasa.Communication
}
uint msgLen = BitConverter.ToUInt32(msgLenBytes, 0);
// micasad shouldn't return anything too large, however just in case
// don't loop forever
if (msgLen > int.MaxValue)
{
return null;
}
if (msgLen > 6)
{
byte[] buf = null;
@ -118,6 +120,7 @@ namespace Novell.CASA.MiCasa.Communication
// buffer for data
MemoryStream ms = new MemoryStream();
ms.Write(msgLenBytes, 0, 4);
while (totalBytes < (msgLen - 6))
{
@ -134,21 +137,24 @@ namespace Novell.CASA.MiCasa.Communication
}
if (totalBytes == 0)
return null;
byte[] finalbuf = ms.ToArray();
return ms.ToArray();
/*
byte[] finalbuf = ms.ToArray();
int returnBufferLen = msgIdBytes.Length + msgLenBytes.Length + totalBytes;
returnBuffer = new byte[returnBufferLen];
Array.Copy(msgIdBytes, returnBuffer, 2);
Array.Copy(msgLenBytes, 0, returnBuffer, 2, 4);
Array.Copy(finalbuf, 0, returnBuffer, 6, finalbuf.Length);
return returnBuffer;
*
*/
}
else
{
returnBuffer = new byte[6];
Array.Copy(msgIdBytes, returnBuffer, 2);
Array.Copy(msgLenBytes, 0, returnBuffer, 2, 4);
returnBuffer = new byte[4];
Array.Copy(msgLenBytes, 0, returnBuffer, 0, 4);
return returnBuffer;
}
}
@ -164,7 +170,6 @@ namespace Novell.CASA.MiCasa.Communication
try
{
mSocket.Send(buf);
//Console.WriteLine("Bytes written = " + buf.Length);
return buf.Length;
}
catch (Exception e)