diff -Nauwr a/include/X11/ICE/ICEmsg.h b/include/X11/ICE/ICEmsg.h --- a/include/X11/ICE/ICEmsg.h 2014-09-04 16:45:44.841057872 +0530 +++ b/include/X11/ICE/ICEmsg.h 2014-09-04 16:51:00.637057534 +0530 @@ -45,7 +45,7 @@ char * /* ptr */ ); -extern void _IceReadSkip ( +extern Status _IceReadSkip ( IceConn /* iceConn */, unsigned long /* nbytes */ ); @@ -123,6 +123,7 @@ */ #define IceGetHeader(_iceConn, _major, _minor, _headerSize, _msgType, _pMsg) \ + if(_iceConn && _iceConn->outbufptr && _iceConn->outbufmax && _iceConn->send_sequence ){ \ if ((_iceConn->outbufptr + _headerSize) > _iceConn->outbufmax) \ IceFlush (_iceConn); \ _pMsg = (_msgType *) _iceConn->outbufptr; \ @@ -130,9 +131,11 @@ _pMsg->minorOpcode = _minor; \ _pMsg->length = (_headerSize - SIZEOF (iceMsg)) >> 3; \ _iceConn->outbufptr += _headerSize; \ - _iceConn->send_sequence++ + _iceConn->send_sequence++; \ + } #define IceGetHeaderExtra(_iceConn, _major, _minor, _headerSize, _extra, _msgType, _pMsg, _pData) \ + if(_iceConn && _iceConn->outbufptr && _iceConn->outbufmax && _iceConn->send_sequence ) { \ if ((_iceConn->outbufptr + \ _headerSize + ((_extra) << 3)) > _iceConn->outbufmax) \ IceFlush (_iceConn); \ @@ -146,16 +149,19 @@ _pMsg->minorOpcode = _minor; \ _pMsg->length = ((_headerSize - SIZEOF (iceMsg)) >> 3) + (_extra); \ _iceConn->outbufptr += (_headerSize + ((_extra) << 3)); \ - _iceConn->send_sequence++ - + _iceConn->send_sequence++; \ + } #define IceSimpleMessage(_iceConn, _major, _minor) \ { \ + if (_iceConn) { \ iceMsg *_pMsg; \ IceGetHeader (_iceConn, _major, _minor, SIZEOF (iceMsg), iceMsg, _pMsg); \ + } \ } #define IceErrorHeader(_iceConn, _offendingMajorOpcode, _offendingMinorOpcode, _offendingSequenceNum, _severity, _errorClass, _dataLength) \ { \ + if (_iceConn){ \ iceErrorMsg *_pMsg; \ \ IceGetHeader (_iceConn, _offendingMajorOpcode, ICE_Error, \ 
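Review bot: The new IceGetHeader guard makes a non-zero `_iceConn->send_sequence` a precondition for emitting a message, so a connection whose counter is still 0 (the first message after open, unless connect.c — not in this diff — starts it at a non-zero value) silently writes nothing. Worse, when the guard fails `_pMsg` is never assigned, and every user of the macro then stores through an indeterminate pointer (IceErrorHeader below writes `_pMsg->severity`), which is a worse outcome than the NULL dereference the check was meant to prevent. Drop the counter from the test, `if (_iceConn && _iceConn->outbufptr && _iceConn->outbufmax) {`, and give callers something to check on failure, e.g. an `else _pMsg = NULL;` branch, rather than skipping silently. The same applies to IceGetHeaderExtra in the next hunk, which additionally leaves `_pData` unset; both macros now expand to a bare `if` and should be wrapped in `do { ... } while (0)` so an invocation followed by `else` binds correctly.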
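Review bot: The `if (_iceConn)` wrappers added to IceSimpleMessage and IceErrorHeader are redundant with the guard IceGetHeader itself now performs and do not cover the case that matters: IceGetHeader can decline to assign `_pMsg` when `outbufptr` or `outbufmax` is NULL while `_iceConn` is not, and IceErrorHeader (its body continues into the next hunk) then fills the message through an uninitialised `_pMsg`. If the guards stay, IceErrorHeader should test the result, `if (_pMsg) { ... }`, around the field stores. Opening `if (_iceConn){` here and closing it in a different hunk also makes the brace nesting hard to audit; a `do { ... } while (0)` wrapper with the condition inside would keep each macro self-contained and safe before an `else`.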
@@ -165,6 +171,7 @@ _pMsg->severity = (CARD8) _severity; \ _pMsg->offendingSequenceNum = (CARD32) _offendingSequenceNum; \ _pMsg->errorClass = (CARD16) _errorClass; \ +} \ } @@ -173,7 +180,7 @@ */ #define IceWriteData(_iceConn, _bytes, _data) \ -{ \ +{ if(_iceConn &&_iceConn->outbufptr && _iceConn->outbufmax ){ \ if ((_iceConn->outbufptr + (_bytes)) > _iceConn->outbufmax) \ { \ IceFlush (_iceConn); \ @@ -184,8 +191,10 @@ memcpy (_iceConn->outbufptr, _data, _bytes); \ _iceConn->outbufptr += (_bytes); \ } \ + }\ } + #define IceWriteData16(_iceConn, _bytes, _data) \ IceWriteData (_iceConn, _bytes, (char *) _data) @@ -200,10 +209,11 @@ */ #define IceSendData(_iceConn, _bytes, _data) \ -{ \ +{ if(_iceConn &&_iceConn->outbufptr) { \ if (_iceConn->outbufptr > _iceConn->outbuf) \ IceFlush (_iceConn); \ _IceWrite (_iceConn, (unsigned long) (_bytes), _data); \ +} \ } @@ -213,7 +223,7 @@ */ #define IceWritePad(_iceConn, _bytes) \ -{ \ +{ if(_iceConn &&_iceConn->outbufptr){ \ if ((_iceConn->outbufptr + (_bytes)) > _iceConn->outbufmax) \ { \ char _dummy[7] = { 0 }; \ 
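Review bot: The stores to `_pMsg->severity`, `_pMsg->offendingSequenceNum` and `_pMsg->errorClass` closed by the new `}` are guarded only by `if (_iceConn)`, while the IceGetHeader call that assigns `_pMsg` (previous hunk) additionally requires `outbufptr`, `outbufmax` and `send_sequence` to be non-zero; whenever those conditions diverge, `_pMsg` is uninitialised at these three lines. Either check the same fields here or test the pointer before writing, `if (_pMsg) { _pMsg->severity = (CARD8) _severity; ... }`. IceErrorHeader starts in the previous hunk, so the full macro is not visible in this one.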
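Review bot: IceSendData's guard tests only `_iceConn->outbufptr`, yet the next line reads `_iceConn->outbuf`, and IceWritePad in the following hunk tests only `outbufptr` while comparing against `_iceConn->outbufmax`; IceWriteData above checks `outbufptr && outbufmax`. Three output macros with three different guard sets means the NULL-safety this patch is aiming for is only partial, and a reader cannot tell which fields are assumed valid. Pick one predicate and use it everywhere, e.g. `if (_iceConn && _iceConn->outbuf && _iceConn->outbufptr && _iceConn->outbufmax) {`, or better, validate the connection once at the call site and leave the macros unconditional.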
@@ -224,66 +234,94 @@ { \ _iceConn->outbufptr += (_bytes); \ } \ + } \ } - /* * Macros for reading messages. */ #define IceReadCompleteMessage(_iceConn, _headerSize, _msgType, _pMsg, _pData)\ { \ + if(_iceConn &&_iceConn->inbufmax && _iceConn->inbufptr){ \ unsigned long _bytes; \ IceReadMessageHeader (_iceConn, _headerSize, _msgType, _pMsg); \ _bytes = (_pMsg->length << 3) - (_headerSize - SIZEOF (iceMsg)); \ if ((_iceConn->inbufmax - _iceConn->inbufptr) >= _bytes) \ { \ - _IceRead (_iceConn, _bytes, _iceConn->inbufptr); \ + if(!_IceRead (_iceConn, _bytes, _iceConn->inbufptr)) \ + _iceConn = NULL; \ + else{ \ _pData = _iceConn->inbufptr; \ _iceConn->inbufptr += _bytes; \ } \ + } \ else \ { \ - _pData = malloc (_bytes); \ - if (_pData) \ - _IceRead (_iceConn, _bytes, _pData); \ + _pData = (char *) malloc ((unsigned) _bytes); \ + if (_pData) { \ + if(! _IceRead (_iceConn, _bytes, _pData)) \ + _iceConn = NULL; \ + } \ else \ - _IceReadSkip (_iceConn, _bytes); \ + if(! _IceReadSkip (_iceConn, _bytes)) \ + _iceConn = NULL; \ + } \ } \ } + #define IceDisposeCompleteMessage(_iceConn, _pData) \ + if(_iceConn && _iceConn->inbuf && _iceConn->inbufmax ){ \ if ((char *) _pData < _iceConn->inbuf || \ (char *) _pData >= _iceConn->inbufmax) \ - free (_pData); + free (_pData); \ + } #define IceReadSimpleMessage(_iceConn, _msgType, _pMsg) \ + if(_iceConn && _iceConn->inbuf) \ _pMsg = (_msgType *) (_iceConn->inbuf); #define IceReadMessageHeader(_iceConn, _headerSize, _msgType, _pMsg) \ { \ - _IceRead (_iceConn, \ + if(_iceConn &&_iceConn->inbufptr && _iceConn->inbuf) {\ + if(!_IceRead (_iceConn, \ (unsigned long) (_headerSize - SIZEOF (iceMsg)), \ - _iceConn->inbufptr); \ + _iceConn->inbufptr) \ + ) { \ + _iceConn = NULL; \ + } else { \ _pMsg = (_msgType *) (_iceConn->inbuf); \ _iceConn->inbufptr += (_headerSize - SIZEOF (iceMsg)); \ +}\ +} \ } #define IceReadData(_iceConn, _bytes, _pData) \ - _IceRead (_iceConn, (unsigned long) (_bytes), (char *) _pData); \ + if (_iceConn) \ + 
if(!_IceRead (_iceConn, (unsigned long) (_bytes), (char *) _pData)) \ + _iceConn = NULL; + + #define IceReadData16(_iceConn, _swap, _bytes, _pData) \ -{ \ - _IceRead (_iceConn, (unsigned long) (_bytes), (char *) _pData); \ +{ if (_iceConn){ \ + if(!_IceRead (_iceConn, (unsigned long) (_bytes), (char *) _pData)) \ + _iceConn = NULL; \ + } \ } #define IceReadData32(_iceConn, _swap, _bytes, _pData) \ { \ - _IceRead (_iceConn, (unsigned long) (_bytes), (char *) _pData); \ + if(_iceConn) { \ + if(! _IceRead (_iceConn, (unsigned long) (_bytes), (char *) _pData)) \ + _iceConn = NULL;\ + }\ } + /* * Read pad bytes (for 32 or 64 bit alignment). * A maxium of 7 pad bytes can be specified. @@ -292,9 +330,13 @@ #define IceReadPad(_iceConn, _bytes) \ { \ char _dummy[7]; \ - _IceRead (_iceConn, (unsigned long) (_bytes), _dummy); \ + if(_iceConn) { \ + if(! _IceRead (_iceConn, (unsigned long) (_bytes), _dummy)) \ + iceConn = NULL; \ +}\ } + _XFUNCPROTOEND #endif /* _ICEMSG_H_ */ diff -Nauwr a/src/misc.c b/src/misc.c --- a/src/misc.c 2014-09-04 16:44:53.746057927 +0530 +++ b/src/misc.c 2014-09-04 16:50:30.030057567 +0530 @@ -309,7 +309,7 @@ * message can be processed correctly. */ -void +Status _IceReadSkip ( register IceConn iceConn, register unsigned long nbytes @@ -321,9 +321,11 @@ { unsigned long rbytes = nbytes > 512 ? 512 : nbytes; - _IceRead (iceConn, rbytes, temp); +if(!_IceRead (iceConn, rbytes, temp)) + return 0; nbytes -= rbytes; } + return 1; } diff -Nauwr a/src/process.c b/src/process.c --- a/src/process.c 2014-09-04 16:44:36.386057945 +0530 +++ b/src/process.c 2014-09-04 16:49:15.850057646 +0530 
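Review bot: The `_iceConn = NULL;` assignments in the read macros do not stop the macro they sit in: in IceReadCompleteMessage, after IceReadMessageHeader fails and nulls `_iceConn`, the next statement `_bytes = (_pMsg->length << 3) - ...` reads the never-assigned `_pMsg`, and `if ((_iceConn->inbufmax - _iceConn->inbufptr) >= _bytes)` dereferences the NULL just stored. Callers are hurt the same way — process.c now tests `if (iceConn && !IceValidIO (iceConn))`, which skips the early return precisely when the connection was nulled, and IceDisposeCompleteMessage is a no-op on a NULL connection, so the `malloc` buffer from the large-message path leaks. Nulling the caller's variable from inside a macro is not a usable failure channel; record the failure on the connection instead (IceValidIO already exists for that, assuming `_IceRead` clears the io_ok state when it returns 0 — misc.c outside this diff would confirm) and have callers check it right after the read. The `(char *) malloc ((unsigned) _bytes)` cast is also unnecessary in C and narrows an `unsigned long`; keep the original `malloc (_bytes)`.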
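Review bot: IceReadPad assigns `iceConn = NULL;` but the macro parameter is `_iceConn`, so this line refers to an identifier the macro does not declare; it compiles only where the invoking function happens to have a local named `iceConn`, and elsewhere is a compile error or clobbers an unrelated variable. Change it to `_iceConn = NULL;` (or, per the comment on the previous hunk, drop the nulling in favour of a connection-level error flag). The closing `}\` is also at column 0 inside an indented macro body, unlike the rest of the header.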
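Review bot: The new `if(!_IceRead (iceConn, rbytes, temp))` and `return 0;` lines in _IceReadSkip sit at column 0 inside the `while` body, breaking the file's indentation, and the function's comment (its tail `message can be processed correctly.` is in the previous hunk) does not say what the new return value means. Indent the pair to match the loop and extend the comment with something like `Returns 0 if a read failed (the connection should be treated as closed), 1 otherwise.`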
@@ -39,32 +39,40 @@ */ #define CHECK_SIZE_MATCH(_iceConn, _opcode, _expected_len, _actual_len, _severity, _return) \ + if (_iceConn){ \ if ((((_actual_len) - SIZEOF (iceMsg)) >> 3) != _expected_len) \ { \ _IceErrorBadLength (_iceConn, 0, _opcode, _severity); \ return (_return); \ + } \ } #define CHECK_AT_LEAST_SIZE(_iceConn, _opcode, _expected_len, _actual_len, _severity) \ + if (_iceConn) { \ if ((((_actual_len) - SIZEOF (iceMsg)) >> 3) > _expected_len) \ { \ _IceErrorBadLength (_iceConn, 0, _opcode, _severity); \ return (0); \ + } \ } #define CHECK_COMPLETE_SIZE(_iceConn, _opcode, _expected_len, _actual_len, _pStart, _severity) \ + if (_iceConn) { \ if (((PADDED_BYTES64((_actual_len)) - SIZEOF (iceMsg)) >> 3) \ != _expected_len) \ { \ _IceErrorBadLength (_iceConn, 0, _opcode, _severity); \ IceDisposeCompleteMessage (iceConn, _pStart); \ return (0); \ + }\ } #define BAIL_STRING(_iceConn, _opcode, _pStart) {\ + if(_iceConn) { \ _IceErrorBadLength (_iceConn, 0, _opcode, IceFatalToConnection);\ IceDisposeCompleteMessage (_iceConn, _pStart);\ return (0);\ +} \ } #ifndef HAVE_ASPRINTF @@ -363,7 +371,8 @@ _IceErrorBadMajor (iceConn, header->majorOpcode, header->minorOpcode, IceCanContinue); - _IceReadSkip (iceConn, header->length << 3); + if( !_IceReadSkip (iceConn, header->length << 3)) + iceConn = NULL; } else { @@ -390,7 +399,8 @@ } } } - + if (iceConn) + { if (replyReady) { _IceSetReplyReady (iceConn, useThisReplyWait); @@ -425,7 +435,7 @@ iceConn->connection_status = IceConnectIOError; retStatus = IceProcessMessagesIOError; } - + } return (retStatus); } @@ -609,7 +619,7 @@ IceReadCompleteMessage (iceConn, SIZEOF (iceErrorMsg), iceErrorMsg, message, pStart); - if (!IceValidIO (iceConn)) + if (iceConn && !IceValidIO (iceConn)) { IceDisposeCompleteMessage (iceConn, pStart); return (0); 
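Review bot: Wrapping CHECK_SIZE_MATCH, CHECK_AT_LEAST_SIZE, CHECK_COMPLETE_SIZE and BAIL_STRING in `if (_iceConn) {` turns each from a hard stop into a no-op on a NULL connection: the `return` now sits inside the new braces, so a caller whose `iceConn` was nulled by one of the read macros falls through the length check and keeps parsing the message. A NULL connection is itself a reason to stop, so the guard belongs before the test, not around it: `if (!(_iceConn)) return (_return);` for CHECK_SIZE_MATCH and `if (!(_iceConn)) return (0);` for the other three, leaving the existing body unchanged. CHECK_COMPLETE_SIZE also still spells the connection `iceConn` in its IceDisposeCompleteMessage call (context line, pre-existing), which this hunk would be a good place to fix to `_iceConn`.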
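Review bot: When `_IceReadSkip` fails (hunk at -363) the function sets `iceConn = NULL` and the new `if (iceConn)` around the reply and IO-error handling then skips the block that sets `retStatus = IceProcessMessagesIOError`, so IceProcessMessages returns whatever `retStatus` held earlier — not visible here, but if it was initialised to IceProcessMessagesSuccess the caller is told a dead connection was processed successfully. Return an explicit error on that path, e.g. replace `iceConn = NULL;` with `return (IceProcessMessagesIOError);`, or add an `else retStatus = IceProcessMessagesIOError;` to the new `if (iceConn)`. If `_IceRead` invokes the IO-error callback before returning 0 (libICE's misc.c, outside this diff, would confirm) the connection may already have been torn down, which is a further reason to return immediately rather than continue with a nulled local.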
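Review bot: `if (iceConn && !IceValidIO (iceConn))` skips the cleanup-and-return exactly when IceReadCompleteMessage has nulled `iceConn`, so the function continues into the error-message body with `message` and `pStart` unset. The test should be `if (!iceConn || !IceValidIO (iceConn))`, and since IceDisposeCompleteMessage ignores a NULL connection the buffer allocated on the large-message path is leaked on that branch — either free `pStart` explicitly there or stop nulling the connection and rely on IceValidIO alone. The same inverted guard appears in the hunks at -879, -1133, -1322, -1621, -1748 and -2247.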
@@ -641,7 +651,7 @@ } else { - if (iceConn->connect_to_you && + if (iceConn && iceConn->connect_to_you && ((!iceConn->connect_to_you->auth_active && message->offendingMinorOpcode == ICE_ConnectionSetup) || (iceConn->connect_to_you->auth_active && @@ -707,7 +717,7 @@ errorReply->type = ICE_CONNECTION_ERROR; errorReply->error_message = errorStr; } - else if (iceConn->protosetup_to_you && + else if (iceConn && iceConn->protosetup_to_you && ((!iceConn->protosetup_to_you->auth_active && message->offendingMinorOpcode == ICE_ProtocolSetup) || (iceConn->protosetup_to_you->auth_active && @@ -807,7 +817,7 @@ IcePoAuthProc authProc; - if (iceConn->connect_to_you && + if (iceConn && iceConn->connect_to_you && iceConn->connect_to_you->auth_active) { authProc = _IcePoAuthProcs[(int) @@ -817,7 +827,7 @@ True /* clean up */, False /* swap */, 0, NULL, NULL, NULL, NULL); } - else if (iceConn->protosetup_to_you && + else if (iceConn && iceConn->protosetup_to_you && iceConn->protosetup_to_you->auth_active) { _IcePoProtocol *protocol = _IceProtocols[ @@ -879,7 +889,7 @@ IceReadCompleteMessage (iceConn, SIZEOF (iceConnectionSetupMsg), iceConnectionSetupMsg, message, pStart); - if (!IceValidIO (iceConn)) + if (iceConn && !IceValidIO (iceConn)) { IceDisposeCompleteMessage (iceConn, pStart); return (0); @@ -1133,7 +1143,7 @@ IceReadCompleteMessage (iceConn, SIZEOF (iceAuthRequiredMsg), iceAuthRequiredMsg, message, authData); - if (!IceValidIO (iceConn)) + if (iceConn && !IceValidIO (iceConn)) { IceDisposeCompleteMessage (iceConn, authData); return (0); @@ -1148,7 +1158,7 @@ message->authDataLength + SIZEOF (iceAuthRequiredMsg), authData, iceConn->connect_to_you ? IceFatalToConnection : IceFatalToProtocol); - if (iceConn->connect_to_you) + if (iceConn && iceConn->connect_to_you) { if ((int) message->authIndex >= _IceAuthCount) { 
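Review bot: The `iceConn &&` added to `if (iceConn->connect_to_you)` is dead: two context lines above, inside the CHECK_AT_LEAST_SIZE argument list, `iceConn->connect_to_you ? IceFatalToConnection : IceFatalToProtocol` dereferences `iceConn` unconditionally, so a NULL connection crashes before this test is reached. A check that can never be false only hides where the pointer can actually become NULL; put a single `if (!iceConn) return (0);` at the top of the enclosing function (its start is outside the hunk; the message type suggests ProcessAuthRequired) or directly after the IceReadCompleteMessage call, and leave these conditions as they were. The hunks at -1238 and -1636 have the same shape.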
@@ -1177,7 +1187,7 @@ iceConn->connect_to_you->auth_active = 1; } } - else if (iceConn->protosetup_to_you) + else if (iceConn && iceConn->protosetup_to_you) { if ((int) message->authIndex >= iceConn->protosetup_to_you->my_auth_count) @@ -1238,12 +1248,12 @@ replyWait->sequence_of_request = iceConn->send_sequence; replyWait->minor_opcode_of_request = ICE_AuthReply; - if (iceConn->connect_to_you) + if (iceConn && iceConn->connect_to_you) { iceConn->connect_to_you->my_auth_state = authState; iceConn->connect_to_you->my_auth_index = message->authIndex; } - else if (iceConn->protosetup_to_you) + else if (iceConn && iceConn->protosetup_to_you) { iceConn->protosetup_to_you->my_auth_state = authState; iceConn->protosetup_to_you->my_auth_index = realAuthIndex; @@ -1273,7 +1283,7 @@ returnErrorString = NULL; free (errorString); - if (iceConn->connect_to_you) + if (iceConn && iceConn->connect_to_you) { _IceConnectionError *errorReply = &(((_IceReply *) (replyWait->reply))->connection_error); @@ -1322,7 +1332,7 @@ IceReadCompleteMessage (iceConn, SIZEOF (iceAuthReplyMsg), iceAuthReplyMsg, message, replyData); - if (!IceValidIO (iceConn)) + if (iceConn && !IceValidIO (iceConn)) { IceDisposeCompleteMessage (iceConn, replyData); return (0); @@ -1339,7 +1349,7 @@ replyDataLen = message->authDataLength; - if (iceConn->connect_to_me) + if (iceConn && iceConn->connect_to_me) { IcePaAuthProc authProc = _IcePaAuthProcs[(int) (iceConn->connect_to_me->my_auth_index)]; @@ -1409,7 +1419,7 @@ iceConn->connect_to_me = NULL; } } - else if (iceConn->protosetup_to_me) + else if (iceConn && iceConn->protosetup_to_me) { _IcePaProtocol *myProtocol = _IceProtocols[iceConn->protosetup_to_me-> my_opcode - 1].accept_client; @@ -1621,7 +1631,7 @@ IceReadCompleteMessage (iceConn, SIZEOF (iceAuthNextPhaseMsg), iceAuthNextPhaseMsg, message, authData); - if (!IceValidIO (iceConn)) + if (iceConn && !IceValidIO (iceConn)) { IceDisposeCompleteMessage (iceConn, authData); return (0); 
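Review bot: `replyDataLen = message->authDataLength;` on the context line above already reads through `message`, which is only assigned when IceReadCompleteMessage succeeded, so the `iceConn &&` added to `if (iceConn->connect_to_me)` arrives after the harmful dereference rather than before it. If the intent is to survive a failed read, the check has to come immediately after the read macro — `if (!iceConn || !IceValidIO (iceConn)) return (0);` — and these later conditions can stay unchanged. Without that, the added test only changes which uninitialised memory is touched first; the enclosing function starts and ends outside this hunk.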
@@ -1636,14 +1646,14 @@ message->authDataLength + SIZEOF (iceAuthNextPhaseMsg), authData, iceConn->connect_to_you ? IceFatalToConnection : IceFatalToProtocol); - if (iceConn->connect_to_you) + if (iceConn && iceConn->connect_to_you) { authProc = _IcePoAuthProcs[(int) (iceConn->connect_to_you->my_auth_index)]; authState = &iceConn->connect_to_you->my_auth_state; } - else if (iceConn->protosetup_to_you) + else if (iceConn && iceConn->protosetup_to_you) { _IcePoProtocol *myProtocol = _IceProtocols[iceConn->protosetup_to_you->my_opcode - 1].orig_client; @@ -1700,7 +1710,7 @@ returnErrorString = NULL; free (errorString); - if (iceConn->connect_to_you) + if (iceConn && iceConn->connect_to_you) { _IceConnectionError *errorReply = &(((_IceReply *) (replyWait->reply))->connection_error); @@ -1748,7 +1758,7 @@ IceReadCompleteMessage (iceConn, SIZEOF (iceConnectionReplyMsg), iceConnectionReplyMsg, message, pStart); - if (!IceValidIO (iceConn)) + if (iceConn && !IceValidIO (iceConn)) { IceDisposeCompleteMessage (iceConn, pStart); return (0); @@ -1770,7 +1780,7 @@ pData = pStart; - if (iceConn->connect_to_you) + if (iceConn && iceConn->connect_to_you) { if (iceConn->connect_to_you->auth_active) { @@ -1829,7 +1839,6 @@ } - static int ProcessProtocolSetup ( IceConn iceConn, @@ -2247,7 +2256,7 @@ IceReadCompleteMessage (iceConn, SIZEOF (iceProtocolReplyMsg), iceProtocolReplyMsg, message, pStart); - if (!IceValidIO (iceConn)) + if (iceConn && !IceValidIO (iceConn)) { IceDisposeCompleteMessage (iceConn, pStart); return (0); @@ -2269,7 +2278,7 @@ pData = pStart; - if (iceConn->protosetup_to_you) + if (iceConn && iceConn->protosetup_to_you) { if (iceConn->protosetup_to_you->auth_active) { diff -Nauwr a/src/protosetup.c b/src/protosetup.c --- a/src/protosetup.c 2014-09-04 16:44:43.411057938 +0530 +++ b/src/protosetup.c 2014-09-04 16:49:23.179057638 +0530 
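Review bot: `if (iceConn && !IceValidIO (iceConn))` after IceReadCompleteMessage inverts the intended logic: when the read macro nulls `iceConn` the block is skipped, the function proceeds with `message` and `pStart` uninitialised, and a `pStart` obtained from `malloc` on the large-message path is never freed because IceDisposeCompleteMessage now does nothing for a NULL connection. Use `if (!iceConn || !IceValidIO (iceConn))` and free the buffer on that branch, or drop the nulling in the header and let IceValidIO carry the failure. The ProcessProtocolReply body continues past this hunk.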
@@ -57,6 +57,7 @@ unsigned long setup_sequence; IceReplyWaitInfo replyWait; _IceReply reply; + IceProcessMessagesStatus msgStatus; IcePoVersionRec *versionRec = NULL; int authCount; int *authIndices; @@ -193,8 +194,17 @@ while (!gotReply && !ioErrorOccured) { - ioErrorOccured = (IceProcessMessages ( - iceConn, &replyWait, &gotReply) == IceProcessMessagesIOError); + msgStatus = IceProcessMessages ( iceConn, &replyWait, &gotReply); + if (msgStatus == IceProcessMessagesConnectionClosed) + { + iceConn == NULL; + strncpy (errorStringRet, + "Connection Closure occured doing Protocol Setup on connection", + errorLength); + + return (IceProtocolSetupFailure); + } + ioErrorOccured = (msgStatus == IceProcessMessagesIOError); if (ioErrorOccured) {
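Review bot: `iceConn == NULL;` is a comparison, not an assignment, so the statement has no effect (compilers warn about it with -Wall); and because `iceConn` is a by-value parameter here, even `iceConn = NULL;` would not tell the caller that its connection is gone. If IceProcessMessagesConnectionClosed means the IceConn has been closed and released (the ICElib documentation describes it that way, but the relevant code is outside this diff), the only correct action is what the code already does next — return without touching the pointer — so delete the line. The `strncpy` into `errorStringRet` does not NUL-terminate when `errorLength` is 61 or less; prefer `snprintf (errorStringRet, errorLength, "%s", "Connection closed during Protocol Setup");`, which also fixes the typos "occured" and "doing" in the message. The loop and function continue past the end of this hunk.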