This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2goclient. commit 10fc1165edd8ae7bb946ad914a4bcd6da20a08d6 Author: Mihai Moldovan <ionic@ionic.de> Date: Tue Apr 30 21:50:06 2024 +0200 src/httpbrokerclient.cpp: parse port value (if provided) and handle errors gracefully. --- debian/changelog | 2 ++ src/httpbrokerclient.cpp | 19 ++++++++++++++++++- 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/debian/changelog b/debian/changelog index 36bb3eb7..3e218e7f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -11,6 +11,8 @@ x2goclient (4.1.2.4-0x2go1) UNRELEASED; urgency=medium [ Mihai Moldovan ] * New upstream version (4.1.2.4): - src/httpbrokerclient.cpp: handle missing server name/address gracefully. + - src/httpbrokerclient.cpp: parse port value (if provided) and handle + errors gracefully. * x2goclient.spec: + Add Recommends: x2gokdriveclient for FC30+, RH 8+, *SuSE 15.4+. diff --git a/src/httpbrokerclient.cpp b/src/httpbrokerclient.cpp index db05546a..889f9827 100644 --- a/src/httpbrokerclient.cpp +++ b/src/httpbrokerclient.cpp @@ -849,8 +849,25 @@ void HttpBrokerClient::parseSession(QString sinfo) return; } config->serverIp=words[0]; - if (words.count()>1) + /* + * Note that it's legal for the port to be empty - the default port will + * be used in this case. + */ + if ((1 < words.count ()) && (!(words[1].isEmpty ()))) { + /* + * Sanity check, must be in the [1,65535] range. + */ + bool conv_res = false; + qulonglong conv = words[1].toULongLong (&conv_res, 10); + if ((!(conv_res)) || (conv == 0) || (65535 < conv)) { + QString msg = tr ("Broker passed invalid server port: %1").arg (words[1]); + x2goDebug << msg; + QMessageBox::critical (0, tr ("Error"), msg); + emit (fatalHttpError ()); + return; + } config->sshport=words[1]; + } x2goDebug<<"Server IP address: "<<config->serverIp; x2goDebug<<"Server port: "<<config->sshport; if (sinfo.indexOf("SESSION_INFO")!=-1) -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2goclient.git