From e5241d84a49dbc9f2e1317a58a91f173680da01d Mon Sep 17 00:00:00 2001 From: Jia Zhouyang Date: Wed, 7 Mar 2018 07:04:33 +0800 Subject: [PATCH] Fix crashes when some external APIs fail (#875) Fix crashes when some external APIs fail --- plug-ins/sslstrip/sslstrip.c | 10 ++++++++-- src/ec_sslwrap.c | 10 ++++++++-- src/interfaces/curses/widgets/wdg_file.c | 6 ++++-- 3 files changed, 20 insertions(+), 6 deletions(-) diff --git a/plug-ins/sslstrip/sslstrip.c b/plug-ins/sslstrip/sslstrip.c index b7ab6a46a..e6e55df76 100644 --- a/plug-ins/sslstrip/sslstrip.c +++ b/plug-ins/sslstrip/sslstrip.c @@ -770,13 +770,19 @@ static int http_get_peer(struct http_connection *connection) socklen_t ss_len = sizeof(struct sockaddr_storage); switch (ntohs(connection->ip[HTTP_CLIENT].addr_type)) { case AF_INET: - getsockopt (connection->fd, SOL_IP, SO_ORIGINAL_DST, (struct sockaddr*)&ss, &ss_len); + if (getsockopt (connection->fd, SOL_IP, SO_ORIGINAL_DST, (struct sockaddr*)&ss, &ss_len) == -1) { + WARN_MSG("getsockopt failed: %s", strerror(errno)); + return -E_INVALID; + } sa4 = (struct sockaddr_in *)&ss; ip_addr_init(&(connection->ip[HTTP_SERVER]), AF_INET, (u_char *)&(sa4->sin_addr.s_addr)); break; #if defined WITH_IPV6 && defined HAVE_IP6T_SO_ORIGINAL_DST case AF_INET6: - getsockopt (connection->fd, IPPROTO_IPV6, IP6T_SO_ORIGINAL_DST, (struct sockaddr*)&ss, &ss_len); + if (getsockopt (connection->fd, IPPROTO_IPV6, IP6T_SO_ORIGINAL_DST, (struct sockaddr*)&ss, &ss_len) == -1) { + WARN_MSG("getsockopt failed: %s", strerror(errno)); + return -E_INVALID; + } sa6 = (struct sockaddr_in6 *)&ss; ip_addr_init(&(connection->ip[HTTP_SERVER]), AF_INET6, (u_char *)&(sa6->sin6_addr.s6_addr)); break; diff --git a/src/ec_sslwrap.c b/src/ec_sslwrap.c index df91995a9..a69ea5260 100644 --- a/src/ec_sslwrap.c +++ b/src/ec_sslwrap.c @@ -816,13 +816,19 @@ static int sslw_get_peer(struct accepted_entry *ae) switch (ntohs(ae->ip[SSL_CLIENT].addr_type)) { case AF_INET: - getsockopt(ae->fd[SSL_CLIENT], SOL_IP, SO_ORIGINAL_DST, (struct sockaddr*)&ss, &ss_len); + if (getsockopt(ae->fd[SSL_CLIENT], SOL_IP, SO_ORIGINAL_DST, (struct sockaddr*)&ss, &ss_len) == -1) { + WARN_MSG("getsockopt failed: %s", strerror(errno)); + return -E_INVALID; + } sa4 = (struct sockaddr_in *)&ss; ip_addr_init(&(ae->ip[SSL_SERVER]), AF_INET, (u_char *)&(sa4->sin_addr.s_addr)); break; #if defined WITH_IPV6 && defined HAVE_IP6T_SO_ORIGINAL_DST case AF_INET6: - getsockopt(ae->fd[SSL_CLIENT], IPPROTO_IPV6, IP6T_SO_ORIGINAL_DST, (struct sockaddr*)&ss, &ss_len); + if (getsockopt(ae->fd[SSL_CLIENT], IPPROTO_IPV6, IP6T_SO_ORIGINAL_DST, (struct sockaddr*)&ss, &ss_len) == -1) { + WARN_MSG("getsockopt failed: %s", strerror(errno)); + return -E_INVALID; + } sa6 = (struct sockaddr_in6 *)&ss; ip_addr_init(&(ae->ip[SSL_SERVER]), AF_INET6, (u_char *)&(sa6->sin6_addr.s6_addr)); break; diff --git a/src/interfaces/curses/widgets/wdg_file.c b/src/interfaces/curses/widgets/wdg_file.c index 90afba347..c291441f6 100644 --- a/src/interfaces/curses/widgets/wdg_file.c +++ b/src/interfaces/curses/widgets/wdg_file.c @@ -123,7 +123,8 @@ static int wdg_file_destroy(struct wdg_object *wo) delwin(ww->win); /* restore the initial working directory */ - chdir(ww->initpath); + if (chdir(ww->initpath) == -1) + WARN_MSG("chdir failed: %s", strerror(errno)); WDG_SAFE_FREE(wo->extend); @@ -394,7 +395,8 @@ static int wdg_file_driver(struct wdg_object *wo, int key, struct wdg_mouse_even stat(item_name(current_item(ww->m)), &buf); /* if it is a directory, change to it */ if (S_ISDIR(buf.st_mode)) { - chdir(item_name(current_item(ww->m))); + if (chdir(item_name(current_item(ww->m))) == -1) + WARN_MSG("chdir failed: %s", strerror(errno)); return -WDG_E_NOTHANDLED; } else { /* invoke the callback and return */