From 0134cf4cdefabb23b0f265167faab237045cd8e0 Mon Sep 17 00:00:00 2001 From: Demi Marie Obenour Date: Wed, 24 Jul 2024 21:21:21 -0400 Subject: [PATCH] Reject messages with trailing junk These will never be sent by libwayland and likely indicate that a peer is using a wrong protocol specification. Furthermore, there are other implementations that also reject such messages, so using them is not portable. Signed-off-by: Demi Marie Obenour --- doc/publican/sources/Protocol.xml | 2 ++ src/connection.c | 6 ++++++ 2 files changed, 8 insertions(+) diff --git a/doc/publican/sources/Protocol.xml b/doc/publican/sources/Protocol.xml index af5f437d..6fdfa8b2 100644 --- a/doc/publican/sources/Protocol.xml +++ b/doc/publican/sources/Protocol.xml @@ -113,6 +113,8 @@ The second has 2 parts of 16 bits each. The upper 16 bits are the message size in bytes, starting at the header (i.e. it has a minimum value of 8). The lower is the request/event opcode. The size must be a multiple of 4. + Messages must be sent using the fewest bytes possible, so padding after + the end of a message is not permitted. diff --git a/src/connection.c b/src/connection.c index 93f5a090..b24434a5 100644 --- a/src/connection.c +++ b/src/connection.c @@ -1069,6 +1069,12 @@ wl_connection_demarshal(struct wl_connection *connection, } } + if (p != end) { + wl_log("trailing junk\n"); + errno = EINVAL; + goto err; + } + wl_connection_consume(connection, size); return closure;