From 214d54b42e92f74553c0dc862aa22acd224f6830 Mon Sep 17 00:00:00 2001 From: Rui Abreu Ferreira Date: Wed, 5 Nov 2014 11:59:52 +0000 Subject: msgpack-rpc: Return from msgpack_rpc_validate on error - When validating a msgpack msg we need to return on the first error otherwise we can SEGFAULT with invalid checks --- src/nvim/msgpack_rpc/helpers.c | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'src') diff --git a/src/nvim/msgpack_rpc/helpers.c b/src/nvim/msgpack_rpc/helpers.c index 4414aadb15..22e296f9a6 100644 --- a/src/nvim/msgpack_rpc/helpers.c +++ b/src/nvim/msgpack_rpc/helpers.c @@ -377,14 +377,17 @@ void msgpack_rpc_validate(uint64_t *response_id, // Validate the basic structure of the msgpack-rpc payload if (req->type != MSGPACK_OBJECT_ARRAY) { api_set_error(err, Validation, _("Request is not an array")); + return; } if (req->via.array.size != 4) { api_set_error(err, Validation, _("Request array size should be 4")); + return; } if (req->via.array.ptr[1].type != MSGPACK_OBJECT_POSITIVE_INTEGER) { api_set_error(err, Validation, _("Id must be a positive integer")); + return; } // Set the response id, which is the same as the request @@ -392,18 +395,22 @@ void msgpack_rpc_validate(uint64_t *response_id, if (req->via.array.ptr[0].type != MSGPACK_OBJECT_POSITIVE_INTEGER) { api_set_error(err, Validation, _("Message type must be an integer")); + return; } if (req->via.array.ptr[0].via.u64 != 0) { api_set_error(err, Validation, _("Message type must be 0")); + return; } if (req->via.array.ptr[2].type != MSGPACK_OBJECT_BIN && req->via.array.ptr[2].type != MSGPACK_OBJECT_STR) { api_set_error(err, Validation, _("Method must be a string")); + return; } if (req->via.array.ptr[3].type != MSGPACK_OBJECT_ARRAY) { api_set_error(err, Validation, _("Paremeters must be an array")); + return; } } -- cgit