Skip to content

Commit

Permalink
Fix freeze and high CPU usage on invalid STDIN data, resolves keepass…
Browse files Browse the repository at this point in the history
  • Loading branch information
phoerious committed Mar 6, 2018
1 parent 386b78b commit 63a17f6
Show file tree
Hide file tree
Showing 3 changed files with 41 additions and 23 deletions.
26 changes: 17 additions & 9 deletions src/browser/NativeMessagingHost.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -107,18 +107,26 @@ void NativeMessagingHost::readLength()

void NativeMessagingHost::readStdIn(const quint32 length)
{
if (length > 0) {
QByteArray arr;
arr.reserve(length);
if (length <= 0) {
return;
}

for (quint32 i = 0; i < length; ++i) {
arr.append(getchar());
}
QByteArray arr;
arr.reserve(length);

if (arr.length() > 0) {
QMutexLocker locker(&m_mutex);
sendReply(m_browserClients.readResponse(arr));
QMutexLocker locker(&m_mutex);

for (quint32 i = 0; i < length; ++i) {
int c = std::getchar();
if (c == EOF) {
// message ended prematurely, ignore it and return
return;
}
arr.append(static_cast<char>(c));
}

if (arr.length() > 0) {
sendReply(m_browserClients.readResponse(arr));
}
}

Expand Down
13 changes: 8 additions & 5 deletions src/main.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -143,12 +143,15 @@ int main(int argc, char** argv)

const bool pwstdin = parser.isSet(pwstdinOption);
for (const QString& filename: fileNames) {
QString password;
if (pwstdin) {
// we always need consume a line of STDIN if --pw-stdin is set to clear out the
// buffer for native messaging, even if the specified file does not exist
static QTextStream in(stdin, QIODevice::ReadOnly);
password = in.readLine();
}

if (!filename.isEmpty() && QFile::exists(filename) && !filename.endsWith(".json", Qt::CaseInsensitive)) {
QString password;
if (pwstdin) {
static QTextStream in(stdin, QIODevice::ReadOnly);
password = in.readLine();
}
mainWindow.openDatabase(filename, password, parser.value(keyfileOption));
}
}
Expand Down
25 changes: 16 additions & 9 deletions src/proxy/NativeMessagingHost.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -51,18 +51,25 @@ void NativeMessagingHost::readLength()

void NativeMessagingHost::readStdIn(const quint32 length)
{
if (length > 0) {
QByteArray arr;
arr.reserve(length);
if (length <= 0) {
return;
}

for (quint32 i = 0; i < length; ++i) {
arr.append(getchar());
}
QByteArray arr;
arr.reserve(length);

if (arr.length() > 0 && m_localSocket && m_localSocket->state() == QLocalSocket::ConnectedState) {
m_localSocket->write(arr.constData(), arr.length());
m_localSocket->flush();
for (quint32 i = 0; i < length; ++i) {
int c = std::getchar();
if (c == EOF) {
// message ended prematurely, ignore it and return
return;
}
arr.append(static_cast<char>(c));
}

if (arr.length() > 0 && m_localSocket && m_localSocket->state() == QLocalSocket::ConnectedState) {
m_localSocket->write(arr.constData(), arr.length());
m_localSocket->flush();
}
}

Expand Down

0 comments on commit 63a17f6

Please sign in to comment.