ssld: Do not crash if not all fds in a message could be received.

Actually fill the mod_ctl_buf_t.nfds field.
This commit is contained in:
Jilles Tjoelker 2009-11-15 22:41:02 +01:00
parent ae62bed786
commit c03677e9be

View file

@ -678,6 +678,16 @@ ssl_process_connect_cb(rb_fde_t *F, int status, void *data)
} }
static void
cleanup_bad_message(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
{
int i;
/* XXX should log this somehow */
for (i = 0; i < ctlb->nfds; i++)
rb_close(ctlb->F[i]);
}
static void static void
ssl_process_accept(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb) ssl_process_accept(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
{ {
@ -918,6 +928,12 @@ mod_process_cmd_recv(mod_ctl_t * ctl)
{ {
case 'A': case 'A':
{ {
if (ctl_buf->nfds != 2 || ctl_buf->buflen != 5)
{
cleanup_bad_message(ctl, ctl_buf);
break;
}
if(!ssl_ok) if(!ssl_ok)
{ {
send_nossl_support(ctl, ctl_buf); send_nossl_support(ctl, ctl_buf);
@ -928,6 +944,12 @@ mod_process_cmd_recv(mod_ctl_t * ctl)
} }
case 'C': case 'C':
{ {
if (ctl_buf->nfds != 2 || ctl_buf->buflen != 5)
{
cleanup_bad_message(ctl, ctl_buf);
break;
}
if(!ssl_ok) if(!ssl_ok)
{ {
send_nossl_support(ctl, ctl_buf); send_nossl_support(ctl, ctl_buf);
@ -964,6 +986,12 @@ mod_process_cmd_recv(mod_ctl_t * ctl)
#ifdef HAVE_LIBZ #ifdef HAVE_LIBZ
case 'Z': case 'Z':
{ {
if (ctl_buf->nfds != 2 || ctl_buf->buflen < 6)
{
cleanup_bad_message(ctl, ctl_buf);
break;
}
/* just zlib only */ /* just zlib only */
zlib_process(ctl, ctl_buf); zlib_process(ctl, ctl_buf);
break; break;
@ -994,6 +1022,7 @@ mod_read_ctl(rb_fde_t *F, void *data)
mod_ctl_buf_t *ctl_buf; mod_ctl_buf_t *ctl_buf;
mod_ctl_t *ctl = data; mod_ctl_t *ctl = data;
int retlen; int retlen;
int i;
do do
{ {
@ -1011,6 +1040,9 @@ mod_read_ctl(rb_fde_t *F, void *data)
{ {
ctl_buf->buflen = retlen; ctl_buf->buflen = retlen;
rb_dlinkAddTail(ctl_buf, &ctl_buf->node, &ctl->readq); rb_dlinkAddTail(ctl_buf, &ctl_buf->node, &ctl->readq);
for (i = 0; i < MAXPASSFD && ctl_buf->F[i] != NULL; i++)
;
ctl_buf->nfds = i;
} }
} }
while(retlen > 0); while(retlen > 0);