Skip to content

Commit

Permalink
Merge pull request #5796 from BOINC/dpa_coverity_426653
Browse files Browse the repository at this point in the history 
client: fix potential byte count overflow
  • Loading branch information
@AenBleidd
AenBleidd committed Sep 5, 2024
2 parents 53d8fb4 + 7be2b45 commit 415efaa
Showing 1 changed file with 6 additions and 5 deletions.
11 changes: 6 additions & 5 deletions client/gui_rpc_server_ops.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1987,20 +1987,20 @@ void GUI_RPC_CONN::handle_get() {
// return nonzero only if we need to close the connection
//
int GUI_RPC_CONN::handle_rpc() {
int n, retval=0;
int retval=0;
char* p;

int left = GUI_RPC_REQ_MSG_SIZE - request_nbytes;
#ifdef _WIN32
n = recv(sock, request_msg+request_nbytes, left, 0);
SSIZE_T nb = recv(sock, request_msg+request_nbytes, left, 0);
#else
n = read(sock, request_msg+request_nbytes, left);
ssize_t nb = read(sock, request_msg+request_nbytes, left);
#endif
if (n <= 0) {
if (nb <= 0) {
request_nbytes = 0;
return ERR_READ;
}
request_nbytes += n;
request_nbytes += nb;

// buffer full?
if (request_nbytes >= GUI_RPC_REQ_MSG_SIZE) {
Expand Down Expand Up @@ -2102,6 +2102,7 @@ int GUI_RPC_CONN::handle_rpc() {
if (!http_request) {
mfout.printf("\003"); // delimiter for non-HTTP replies
}
int n;
mout.get_buf(p, n);
if (http_request) {
char buf[1024];
Expand Down

0 comments on commit 415efaa

Please sign in to comment.