mirror of
https://github.com/wavetermdev/waveterm.git
synced 2024-12-22 16:48:23 +01:00
1fc6dd7c1a
Fixes [https://github.com/wavetermdev/waveterm/security/code-scanning/50](https://github.com/wavetermdev/waveterm/security/code-scanning/50) To fix the problem, we need to ensure that the size computation for the allocation does not overflow. This can be achieved by validating the length of `barr` before performing the arithmetic operation. We will set a maximum allowable size for `barr` to ensure that the sum of `oscPrefixLen(oscNum)` and `len(barr)` does not exceed the maximum value for an `int`. 1. Define a maximum allowable size for `barr` (e.g., 64 MB). 2. Check the length of `barr` against this maximum size before performing the allocation. 3. If `barr` exceeds the maximum size, return an error. _Suggested fixes powered by Copilot Autofix. Review carefully before merging._ --------- Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
92 lines
2.2 KiB
Go
92 lines
2.2 KiB
Go
// Copyright 2024, Command Line Inc.
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
package wshutil
|
|
|
|
import (
|
|
"bytes"
|
|
"fmt"
|
|
"io"
|
|
)
|
|
|
|
// special I/O wrappers for wshrpc
|
|
// * terminal (wrap with OSC codes)
|
|
// * stream (json lines)
|
|
// * websocket (json packets)
|
|
|
|
type lineBuf struct {
|
|
buf []byte
|
|
inLongLine bool
|
|
}
|
|
|
|
const maxLineLength = 128 * 1024
|
|
|
|
func streamToLines_processBuf(lineBuf *lineBuf, readBuf []byte, lineFn func([]byte)) {
|
|
for len(readBuf) > 0 {
|
|
nlIdx := bytes.IndexByte(readBuf, '\n')
|
|
if nlIdx == -1 {
|
|
if lineBuf.inLongLine || len(lineBuf.buf)+len(readBuf) > maxLineLength {
|
|
lineBuf.buf = nil
|
|
lineBuf.inLongLine = true
|
|
return
|
|
}
|
|
lineBuf.buf = append(lineBuf.buf, readBuf...)
|
|
return
|
|
}
|
|
if !lineBuf.inLongLine && len(lineBuf.buf)+nlIdx <= maxLineLength {
|
|
line := append(lineBuf.buf, readBuf[:nlIdx]...)
|
|
lineFn(line)
|
|
}
|
|
lineBuf.buf = nil
|
|
lineBuf.inLongLine = false
|
|
readBuf = readBuf[nlIdx+1:]
|
|
}
|
|
}
|
|
|
|
func StreamToLines(input io.Reader, lineFn func([]byte)) error {
|
|
var lineBuf lineBuf
|
|
readBuf := make([]byte, 16*1024)
|
|
for {
|
|
n, err := input.Read(readBuf)
|
|
streamToLines_processBuf(&lineBuf, readBuf[:n], lineFn)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
}
|
|
}
|
|
|
|
func AdaptStreamToMsgCh(input io.Reader, output chan []byte) error {
|
|
return StreamToLines(input, func(line []byte) {
|
|
output <- line
|
|
})
|
|
}
|
|
|
|
func AdaptOutputChToStream(outputCh chan []byte, output io.Writer) error {
|
|
for msg := range outputCh {
|
|
if _, err := output.Write(msg); err != nil {
|
|
return fmt.Errorf("error writing to output (AdaptOutputChToStream): %w", err)
|
|
}
|
|
// write trailing newline
|
|
if _, err := output.Write([]byte{'\n'}); err != nil {
|
|
return fmt.Errorf("error writing trailing newline to output (AdaptOutputChToStream): %w", err)
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func AdaptMsgChToPty(outputCh chan []byte, oscEsc string, output io.Writer) error {
|
|
if len(oscEsc) != 5 {
|
|
panic("oscEsc must be 5 characters")
|
|
}
|
|
for msg := range outputCh {
|
|
barr, err := EncodeWaveOSCBytes(oscEsc, msg)
|
|
if err != nil {
|
|
return fmt.Errorf("error encoding osc message (AdaptMsgChToPty): %w", err)
|
|
}
|
|
if _, err := output.Write(barr); err != nil {
|
|
return fmt.Errorf("error writing osc message (AdaptMsgChToPty): %w", err)
|
|
}
|
|
}
|
|
return nil
|
|
}
|