Hello all,

When a client sends a big request with the length
set to 0, the X server sometimes doesn't return BadLength.
In xc/programs/Xserver/os/io.c, if the length is 0, then
client->req_len is set to 0xFFFFFFFF after it moves the header.
Some processors of the request only check for
REQUEST_AT_LEAST_SIZE(...), for example ProcNoOperation. Then
the client will not receive a BadLength error.

It may be better for ReadRequestFromClient() to set
client->req_len according to the bad request length so that
BadLength can be returned.

ReadRequestFromClient(..)
{
    ...
#ifdef BIGREQS
    if (move_header)
    {
        request = (xReq *)oci->bufptr;
        oci->bufptr += (sizeof(xBigReq) - sizeof(xReq));
        *(xReq *)oci->bufptr = *request;
        oci->lenLastReq -= (sizeof(xBigReq) - sizeof(xReq));
        client->req_len -= (sizeof(xBigReq) - sizeof(xReq)) >> 2;
    }
#endif
    ...
}

Best Regards!
Peng Hongbo
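
An added example, not part of the original post or the XFree86 source: a simplified C model of the unsigned wrap described above, showing why an at-least check accepts the wrapped value while an exact-size check rejects it. The function names, the byte-size constants and the guard in `req_len_checked` (one possible way to do what the post suggests) are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

#define SUCCESS       0
#define BAD_LENGTH    16   /* X11 core protocol error code for BadLength */
#define XREQ_BYTES    4u   /* assumed sizeof(xReq): opcode, data, 16-bit length */
#define XBIGREQ_BYTES 8u   /* assumed sizeof(xBigReq): xReq plus 32-bit length */
#define HDR_DELTA_WORDS ((XBIGREQ_BYTES - XREQ_BYTES) >> 2)

/* Models the quoted adjustment: the subtraction is unconditional. */
uint32_t req_len_as_reported(uint32_t big_len_words)
{
    uint32_t req_len = big_len_words;
    req_len -= HDR_DELTA_WORDS;   /* a length of 0 wraps to 0xFFFFFFFF */
    return req_len;
}

/* Hypothetical guard: a length too small to hold the xBigReq header
 * leaves req_len at 0, so every later size check fails. */
uint32_t req_len_checked(uint32_t big_len_words)
{
    if (big_len_words < (XBIGREQ_BYTES >> 2))
        return 0;
    return big_len_words - HDR_DELTA_WORDS;
}

/* Same comparison as REQUEST_AT_LEAST_SIZE: minimum words vs req_len. */
int at_least_size(uint32_t req_len, uint32_t min_words)
{
    return min_words > req_len ? BAD_LENGTH : SUCCESS;
}

/* Exact-size comparison, which does catch the wrapped value. */
int size_match(uint32_t req_len, uint32_t words)
{
    return words != req_len ? BAD_LENGTH : SUCCESS;
}

int main(void)
{
    uint32_t bad = req_len_as_reported(0);   /* constructed input: length 0 */
    printf("reported req_len=0x%08X at_least=%d match=%d\n",
           (unsigned)bad, at_least_size(bad, 1), size_match(bad, 1));
    printf("checked  req_len=%u at_least=%d\n",
           (unsigned)req_len_checked(0), at_least_size(req_len_checked(0), 1));
    return 0;
}
```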