1
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2025-06-10 10:01:13 +09:00

LibIPC: Break from message parsing if whole message payload is not ready

Fixes the bug when we try to read message payload without checking if we
received enough bytes or file descriptors.
This commit is contained in:
Aliaksandr Kalenik 2025-04-07 18:22:04 +02:00 committed by Alexander Kalenik
parent 1d9e226206
commit ac643aa392
Notes: github-actions[bot] 2025-04-07 18:26:57 +00:00
2 changed files with 7 additions and 1 deletions

View file

@ -152,9 +152,13 @@ TransportSocket::ShouldShutdown TransportSocket::read_as_many_messages_as_possib
}
size_t index = 0;
while (index + sizeof(MessageHeader) < m_unprocessed_bytes.size()) {
while (index + sizeof(MessageHeader) <= m_unprocessed_bytes.size()) {
MessageHeader header;
memcpy(&header, m_unprocessed_bytes.data() + index, sizeof(MessageHeader));
if (header.size + sizeof(MessageHeader) > m_unprocessed_bytes.size() - index)
break;
if (header.fd_count > m_unprocessed_fds.size())
break;
Message message;
for (size_t i = 0; i < header.fd_count; ++i)
message.fds.append(m_unprocessed_fds.dequeue());