From 1930a95000d336b76d18c0c95ef77e138c9a4cd0 Mon Sep 17 00:00:00 2001 From: Nabil Otsmane <44232317+nabil-otsmane@users.noreply.github.com> Date: Mon, 25 Nov 2024 01:50:35 +0100 Subject: [PATCH] shm: fix shm fd size check before creating or resizing shm_pool (#8572) * protocols: fix shm fd size check before creating or resizing shm_pool * added static to function --- src/protocols/core/Shm.cpp | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/src/protocols/core/Shm.cpp b/src/protocols/core/Shm.cpp index a8c98bb0..708d41c3 100644 --- a/src/protocols/core/Shm.cpp +++ b/src/protocols/core/Shm.cpp @@ -1,6 +1,7 @@ #include "Shm.hpp" #include #include +#include #include #include "../../render/Texture.hpp" #include "../types/WLBuffer.hpp" @@ -99,10 +100,25 @@ void CSHMPool::resize(size_t size_) { LOGM(ERR, "Couldn't mmap {} bytes from fd {} of shm client", size, fd); } +static int shmIsSizeValid(int fd, size_t size) { + struct stat st; + if (fstat(fd, &st) == -1) { + LOGM(ERR, "Couldn't get stat for fd {} of shm client", fd); + return 0; + } + + return (size_t)st.st_size >= size; +} + CWLSHMPoolResource::CWLSHMPoolResource(SP resource_, int fd_, size_t size_) : resource(resource_) { if (!good()) return; + if (!shmIsSizeValid(fd_, size_)) { + resource_->error(-1, "The size of the file is not big enough for the shm pool"); + return; + } + pool = makeShared(fd_, size_); resource->setDestroy([this](CWlShmPool* r) { PROTO::shm->destroyResource(this); }); @@ -113,6 +129,11 @@ CWLSHMPoolResource::CWLSHMPoolResource(SP resource_, int fd_, size_t r->error(-1, "Shrinking a shm pool is illegal"); return; } + if (!shmIsSizeValid(pool->fd, size_)) { + r->error(-1, "The size of the file is not big enough for the shm pool"); + return; + } + pool->resize(size_); });