Socket::ReadDigestScope ds (socket);
auto length = socket->read_uint32 ();
+ if (length > 65536) {
+ throw NetworkError("Malformed encode request (too large)");
+ }
+
scoped_array<char> buffer (new char[length]);
socket->read (reinterpret_cast<uint8_t*>(buffer.get()), length);
_accept_socket->read (reinterpret_cast<uint8_t*>(&length), sizeof(uint32_t));
length = ntohl (length);
+ if (length > 65536) {
+ start_accept();
+ return;
+ }
+
scoped_array<char> buffer(new char[length]);
_accept_socket->read (reinterpret_cast<uint8_t*>(buffer.get()), length);
server_available = buffer.get();
void handle (shared_ptr<Socket> socket) override
{
try {
- int const length = socket->read_uint32 ();
- scoped_array<char> buffer(new char[length]);
- socket->read (reinterpret_cast<uint8_t*>(buffer.get()), length);
- string s (buffer.get());
- emit(boost::bind(boost::ref(StartJob), s));
- socket->write (reinterpret_cast<uint8_t const *>("OK"), 3);
+ auto const length = socket->read_uint32();
+ if (length < 65536) {
+ scoped_array<char> buffer(new char[length]);
+ socket->read(reinterpret_cast<uint8_t*>(buffer.get()), length);
+ string s(buffer.get());
+ emit(boost::bind(boost::ref(StartJob), s));
+ socket->write (reinterpret_cast<uint8_t const *>("OK"), 3);
+ }
} catch (...) {
}
void handle (shared_ptr<Socket> socket) override
{
try {
- int const length = socket->read_uint32 ();
+ uint32_t const length = socket->read_uint32 ();
+ if (length > 65536) {
+ return;
+ }
scoped_array<char> buffer (new char[length]);
socket->read (reinterpret_cast<uint8_t*> (buffer.get()), length);
string s (buffer.get());