]> granicus.if.org Git - p11-kit/commitdiff
projects / p11-kit / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8b64577)
rpc: Return early if call_id of request is ERROR
authorDaiki Ueno <dueno@redhat.com>
Mon, 22 May 2017 13:44:50 +0000 (15:44 +0200)
committerDaiki Ueno <ueno@gnu.org>
Mon, 22 May 2017 13:57:52 +0000 (15:57 +0200)
Otherwise it will cause assertion failure in a few lines below.
Spotted by amrican fuzzy lop.

p11-kit/rpc-message.c patch | blob | history

diff --git a/p11-kit/rpc-message.c b/p11-kit/rpc-message.c
index b5ac52888da320adcfe02f0df68fdce99ec61fc7..d1b491d910ecec2721ecc27574e03336180572e5 100644 (file)
--- a/p11-kit/rpc-message.c
+++ b/p11-kit/rpc-message.c
@@ -171,7 +171,8 @@ p11_rpc_message_parse (p11_rpc_message *msg,
        msg->signature = msg->sigverify = NULL;
 
        /* The call id and signature */
-       if (call_id >= P11_RPC_CALL_MAX) {
+       if (call_id >= P11_RPC_CALL_MAX ||
+           (type == P11_RPC_REQUEST && call_id == P11_RPC_CALL_ERROR)) {
                p11_message ("invalid message: bad call id: %d", call_id);
                return false;
        }
Unnamed repository; edit this file 'description' to name the repository.