~sircmpwn/aerc

lib: fix an out of bounds panic in the server v2 PROPOSED

Daniel Martí: 1
 lib: fix an out of bounds panic in the server

 1 files changed, 2 insertions(+), 1 deletions(-)
Export patchset (mbox)
How do I use this?

Copy & paste the following snippet into your terminal to import this patchset into git:

curl -s https://lists.sr.ht/~sircmpwn/aerc/patches/9788/mbox | git am -3
Learn more about email & git

[PATCH v2] lib: fix an out of bounds panic in the server Export this patch

If the message doesn't contain ':', we don't properly discard the
message, so we end up slicing it like msg[:-1].

This can be reproduced if one runs 'aerc foo', as the server receives
'foo' as the message.

'aerc foo' still doesn't do anything very user friendly, but at least it
doesn't panic horribly.

While at it, do the 'got message' log at the very beginning, so that the
user can see what message the server got before reporting the command as
invalid.

Signed-off-by: Daniel Martí <mvdan@mvdan.cc>
---
Moving the log line too, as per Reto's suggestion.
 lib/socket.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/socket.go b/lib/socket.go
index d5db3dc..cdf0f73 100644
--- a/lib/socket.go
+++ b/lib/socket.go
@@ -61,10 +61,11 @@ func (as *AercServer) handleClient(conn net.Conn) {
	for scanner.Scan() {
		conn.SetDeadline(time.Now().Add(1 * time.Minute))
		msg := scanner.Text()
		as.logger.Printf("unix:%d: got message %s", clientId, msg)
		if !strings.ContainsRune(msg, ':') {
			conn.Write([]byte("error: invalid command\n"))
			continue
		}
		as.logger.Printf("unix:%d: got message %s", clientId, msg)
		prefix := msg[:strings.IndexRune(msg, ':')]
		switch prefix {
		case "mailto":
-- 
2.25.0
Thanks!

To git.sr.ht:~sircmpwn/aerc
   a82fa2b..72f55b8  master -> master
View this thread in the archives