Bug 222012. Fix for Security Audit 5.1.2

Jim Norman 2007-05-08 18:05:41 +00:00
parent 3d569e7a9c
commit e597b7ab23
2 changed files with 22 additions and 12 deletions


@ -1,3 +1,8 @@
-------------------------------------------------------------------
Tue May 8 12:01:24 MDT 2007 - jnorman@novell.com
- Bug 222012. Fix for security audit 5.1.2
------------------------------------------------------------------- -------------------------------------------------------------------
Wed May 2 11:59:20 MDT 2007 - jnorman@novell.com Wed May 2 11:59:20 MDT 2007 - jnorman@novell.com


@ -94,12 +94,6 @@ namespace Novell.CASA.MiCasa.Communication
* allocate. * allocate.
*/ */
byte[] msgIdBytes = new byte[2];
bytesRecvd = mSocket.Receive(msgIdBytes);
if (0 == bytesRecvd)
{
return null;
}
byte[] msgLenBytes = new byte[4]; byte[] msgLenBytes = new byte[4];
bytesRecvd = mSocket.Receive(msgLenBytes); bytesRecvd = mSocket.Receive(msgLenBytes);
if (0 == bytesRecvd) if (0 == bytesRecvd)
@ -108,6 +102,14 @@ namespace Novell.CASA.MiCasa.Communication
} }
uint msgLen = BitConverter.ToUInt32(msgLenBytes, 0); uint msgLen = BitConverter.ToUInt32(msgLenBytes, 0);
// micasad shouldn't return anything too large, however just in case
// don't loop forever
if (msgLen > int.MaxValue)
{
return null;
}
if (msgLen > 6) if (msgLen > 6)
{ {
byte[] buf = null; byte[] buf = null;
@ -118,6 +120,7 @@ namespace Novell.CASA.MiCasa.Communication
// buffer for data // buffer for data
MemoryStream ms = new MemoryStream(); MemoryStream ms = new MemoryStream();
ms.Write(msgLenBytes, 0, 4);
while (totalBytes < (msgLen - 6)) while (totalBytes < (msgLen - 6))
{ {
@ -134,21 +137,24 @@ namespace Novell.CASA.MiCasa.Communication
} }
if (totalBytes == 0) if (totalBytes == 0)
return null; return null;
byte[] finalbuf = ms.ToArray(); return ms.ToArray();
/*
byte[] finalbuf = ms.ToArray();
int returnBufferLen = msgIdBytes.Length + msgLenBytes.Length + totalBytes; int returnBufferLen = msgIdBytes.Length + msgLenBytes.Length + totalBytes;
returnBuffer = new byte[returnBufferLen]; returnBuffer = new byte[returnBufferLen];
Array.Copy(msgIdBytes, returnBuffer, 2); Array.Copy(msgIdBytes, returnBuffer, 2);
Array.Copy(msgLenBytes, 0, returnBuffer, 2, 4); Array.Copy(msgLenBytes, 0, returnBuffer, 2, 4);
Array.Copy(finalbuf, 0, returnBuffer, 6, finalbuf.Length); Array.Copy(finalbuf, 0, returnBuffer, 6, finalbuf.Length);
return returnBuffer; return returnBuffer;
*
*/
} }
else else
{ {
returnBuffer = new byte[6]; returnBuffer = new byte[4];
Array.Copy(msgIdBytes, returnBuffer, 2); Array.Copy(msgLenBytes, 0, returnBuffer, 0, 4);
Array.Copy(msgLenBytes, 0, returnBuffer, 2, 4);
return returnBuffer; return returnBuffer;
} }
} }
@ -164,7 +170,6 @@ namespace Novell.CASA.MiCasa.Communication
try try
{ {
mSocket.Send(buf); mSocket.Send(buf);
//Console.WriteLine("Bytes written = " + buf.Length);
return buf.Length; return buf.Length;
} }
catch (Exception e) catch (Exception e)
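Review bot: The new `if (msgLen > int.MaxValue)` guard in the receive path still lets a peer-supplied length of up to about 2 GB drive the read loop and the `MemoryStream` growth, so it does not meaningfully bound memory or time. A protocol-level cap would, e.g. `if (msgLen > MaxReplyLength) { return null; }`, where `MaxReplyLength` is a placeholder for whatever limit micasad replies actually respect. With the 2-byte message id no longer read, the unchanged `msgLen > 6` and `msgLen - 6` arithmetic looks like it still assumes a 6-byte header; confirm against the wire format whether it should now be 4. The `0 == bytesRecvd` test after reading `msgLenBytes` also accepts a short read of 1–3 bytes, which leaves `msgLen` parsed from a partly filled buffer. The enclosing method starts and ends outside the hunks shown, so the loop body and any socket timeout could not be checked.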