Add exception when input SSL buffer is overflown. #6

2015-12-14 01:44:02 +01:00 · 2015-12-14 01:44:02 +01:00 · 4b8fad8263
commit 4b8fad8263
parent 7e37c6eb7e
1 changed files with 8 additions and 1 deletions
--- a/src/Transport.cpp
+++ b/src/Transport.cpp
@ -292,9 +292,16 @@ void mumlib::Transport::doReceiveSsl() {
                }

                const int payloadSize = ntohl(*reinterpret_cast<uint32_t *>(sslIncomingBuffer + 2));
-                size_t remaining = payloadSize + 6 - bytesTransferred;
+                const int wholeMessageLength = payloadSize + 6;
+                size_t remaining = wholeMessageLength - bytesTransferred;
                remaining = max(remaining, (size_t) 0);

+                if (wholeMessageLength > MAX_TCP_LENGTH) {
+                    throwTransportException(
+                            (boost::format("message bigger (%d B) than max allowed size (%d B)")
+                             % wholeMessageLength % MAX_TCP_LENGTH).str());
+                }
+
                return remaining;
            },
            [this](const boost::system::error_code &ec, size_t bytesTransferred) {