Abort processing for some client errors (instead of crashing)

Missing 'return' statements caused the code to keep running on a deallocated client, which would cause the server to crash.
author: Hector Martin 2010-06-13 18:48:27 +0200
committer: Hector Martin 2010-06-13 18:48:27 +0200
commit: 713cfb3d145f9db242138405f16d4ab225e8ba04 (patch)
tree: db3230f6e2099f1d5630e8042386fe5fc0067c10 /daemon/client.c
parent: e1da26918aa8eb025cf18216efce61b2b4cf64b8 (diff)
download: usbmuxd-713cfb3d145f9db242138405f16d4ab225e8ba04.tar.gz
usbmuxd-713cfb3d145f9db242138405f16d4ab225e8ba04.tar.bz2
1 files changed, 3 insertions, 0 deletions
diff --git a/daemon/client.c b/daemon/client.c
index 80bc0c7..ac1045a 100644
--- a/daemon/client.c
+++ b/daemon/client.c
@@ -520,14 +520,17 @@ static void process_recv(struct mux_client *client)
                usbmuxd_log(LL_INFO, "Client %d version mismatch: expected %d, got %d", client->fd, USBMUXD_PROTOCOL_VERSION, hdr->version);
 #endif
                client_close(client);
+                return;
        }
        if(hdr->length > client->ib_capacity) {
                usbmuxd_log(LL_INFO, "Client %d message is too long (%d bytes)", client->fd, hdr->length);
                client_close(client);
+                return;
        }
        if(hdr->length < sizeof(struct usbmuxd_header)) {
                usbmuxd_log(LL_ERROR, "Client %d message is too short (%d bytes)", client->fd, hdr->length);
                client_close(client);
+                return;
        }
        if(client->ib_size < hdr->length) {
                if(did_read)
author	Hector Martin	2010-06-13 18:48:27 +0200
committer	Hector Martin	2010-06-13 18:48:27 +0200
commit	713cfb3d145f9db242138405f16d4ab225e8ba04 (patch)
tree	db3230f6e2099f1d5630e8042386fe5fc0067c10 /daemon/client.c
parent	e1da26918aa8eb025cf18216efce61b2b4cf64b8 (diff)
download	usbmuxd-713cfb3d145f9db242138405f16d4ab225e8ba04.tar.gz usbmuxd-713cfb3d145f9db242138405f16d4ab225e8ba04.tar.bz2