diff options
-rw-r--r-- | toxcore/Messenger.c | 18 | ||||
-rw-r--r-- | toxcore/Messenger.h | 8 | ||||
-rw-r--r-- | toxcore/tox.c | 3 | ||||
-rw-r--r-- | toxcore/tox.h | 12 |
4 files changed, 28 insertions, 13 deletions
diff --git a/toxcore/Messenger.c b/toxcore/Messenger.c index 83aaf19b..911c92da 100644 --- a/toxcore/Messenger.c +++ b/toxcore/Messenger.c | |||
@@ -1051,7 +1051,7 @@ static int file_sendrequest(const Messenger *m, int32_t friendnumber, uint8_t fi | |||
1051 | * Maximum filename length is 255 bytes. | 1051 | * Maximum filename length is 255 bytes. |
1052 | * return file number on success | 1052 | * return file number on success |
1053 | * return -1 if friend not found. | 1053 | * return -1 if friend not found. |
1054 | * return -2 if filename too big. | 1054 | * return -2 if filename length invalid. |
1055 | * return -3 if no more file sending slots left. | 1055 | * return -3 if no more file sending slots left. |
1056 | * return -4 if could not send packet (friend offline). | 1056 | * return -4 if could not send packet (friend offline). |
1057 | * | 1057 | * |
@@ -1065,6 +1065,9 @@ long int new_filesender(const Messenger *m, int32_t friendnumber, uint32_t file_ | |||
1065 | if (filename_length > MAX_FILENAME_LENGTH) | 1065 | if (filename_length > MAX_FILENAME_LENGTH) |
1066 | return -2; | 1066 | return -2; |
1067 | 1067 | ||
1068 | if (file_type == FILEKIND_AVATAR && filename_length != crypto_hash_sha256_BYTES) | ||
1069 | return -2; | ||
1070 | |||
1068 | uint32_t i; | 1071 | uint32_t i; |
1069 | 1072 | ||
1070 | for (i = 0; i < MAX_CONCURRENT_FILE_PIPES; ++i) { | 1073 | for (i = 0; i < MAX_CONCURRENT_FILE_PIPES; ++i) { |
@@ -1937,9 +1940,14 @@ static int handle_packet(void *object, int i, uint8_t *temp, uint16_t len) | |||
1937 | uint8_t filenumber = data[0]; | 1940 | uint8_t filenumber = data[0]; |
1938 | uint64_t filesize; | 1941 | uint64_t filesize; |
1939 | uint32_t file_type; | 1942 | uint32_t file_type; |
1943 | uint16_t filename_length = data_length - head_length; | ||
1940 | memcpy(&file_type, data + 1, sizeof(file_type)); | 1944 | memcpy(&file_type, data + 1, sizeof(file_type)); |
1941 | file_type = ntohl(file_type); | 1945 | file_type = ntohl(file_type); |
1942 | 1946 | ||
1947 | /* Check if the name is the right size if file is avatar. */ | ||
1948 | if (file_type == FILEKIND_AVATAR && filename_length != crypto_hash_sha256_BYTES) | ||
1949 | break; | ||
1950 | |||
1943 | memcpy(&filesize, data + 1 + sizeof(uint32_t), sizeof(filesize)); | 1951 | memcpy(&filesize, data + 1 + sizeof(uint32_t), sizeof(filesize)); |
1944 | net_to_host((uint8_t *) &filesize, sizeof(filesize)); | 1952 | net_to_host((uint8_t *) &filesize, sizeof(filesize)); |
1945 | m->friendlist[i].file_receiving[filenumber].status = FILESTATUS_NOT_ACCEPTED; | 1953 | m->friendlist[i].file_receiving[filenumber].status = FILESTATUS_NOT_ACCEPTED; |
@@ -1948,16 +1956,16 @@ static int handle_packet(void *object, int i, uint8_t *temp, uint16_t len) | |||
1948 | m->friendlist[i].file_receiving[filenumber].paused = FILE_PAUSE_NOT; | 1956 | m->friendlist[i].file_receiving[filenumber].paused = FILE_PAUSE_NOT; |
1949 | 1957 | ||
1950 | /* Force NULL terminate file name. */ | 1958 | /* Force NULL terminate file name. */ |
1951 | uint8_t filename_terminated[data_length - head_length + 1]; | 1959 | uint8_t filename_terminated[filename_length + 1]; |
1952 | memcpy(filename_terminated, data + head_length, data_length - head_length); | 1960 | memcpy(filename_terminated, data + head_length, filename_length); |
1953 | filename_terminated[data_length - head_length] = 0; | 1961 | filename_terminated[filename_length] = 0; |
1954 | 1962 | ||
1955 | uint32_t real_filenumber = filenumber; | 1963 | uint32_t real_filenumber = filenumber; |
1956 | real_filenumber += 1; | 1964 | real_filenumber += 1; |
1957 | real_filenumber <<= 16; | 1965 | real_filenumber <<= 16; |
1958 | 1966 | ||
1959 | if (m->file_sendrequest) | 1967 | if (m->file_sendrequest) |
1960 | (*m->file_sendrequest)(m, i, real_filenumber, file_type, filesize, filename_terminated, data_length - head_length, | 1968 | (*m->file_sendrequest)(m, i, real_filenumber, file_type, filesize, filename_terminated, filename_length, |
1961 | m->file_sendrequest_userdata); | 1969 | m->file_sendrequest_userdata); |
1962 | 1970 | ||
1963 | break; | 1971 | break; |
diff --git a/toxcore/Messenger.h b/toxcore/Messenger.h index d4cfa431..716ac851 100644 --- a/toxcore/Messenger.h +++ b/toxcore/Messenger.h | |||
@@ -159,6 +159,12 @@ enum { | |||
159 | FILECONTROL_RESUME_BROKEN | 159 | FILECONTROL_RESUME_BROKEN |
160 | }; | 160 | }; |
161 | 161 | ||
162 | enum { | ||
163 | FILEKIND_DATA, | ||
164 | FILEKIND_AVATAR | ||
165 | }; | ||
166 | |||
167 | |||
162 | typedef struct Messenger Messenger; | 168 | typedef struct Messenger Messenger; |
163 | 169 | ||
164 | typedef struct { | 170 | typedef struct { |
@@ -608,7 +614,7 @@ void callback_file_reqchunk(Messenger *m, void (*function)(Messenger *m, uint32_ | |||
608 | * Maximum filename length is 255 bytes. | 614 | * Maximum filename length is 255 bytes. |
609 | * return file number on success | 615 | * return file number on success |
610 | * return -1 if friend not found. | 616 | * return -1 if friend not found. |
611 | * return -2 if filename too big. | 617 | * return -2 if filename length invalid. |
612 | * return -3 if no more file sending slots left. | 618 | * return -3 if no more file sending slots left. |
613 | * return -4 if could not send packet (friend offline). | 619 | * return -4 if could not send packet (friend offline). |
614 | * | 620 | * |
diff --git a/toxcore/tox.c b/toxcore/tox.c index 6861ca4f..54daafc8 100644 --- a/toxcore/tox.c +++ b/toxcore/tox.c | |||
@@ -76,7 +76,6 @@ struct Tox_Options *tox_options_new(TOX_ERR_OPTIONS_NEW *error) | |||
76 | 76 | ||
77 | if (options) { | 77 | if (options) { |
78 | tox_options_default(options); | 78 | tox_options_default(options); |
79 | |||
80 | SET_ERROR_PARAMETER(error, TOX_ERR_OPTIONS_NEW_OK); | 79 | SET_ERROR_PARAMETER(error, TOX_ERR_OPTIONS_NEW_OK); |
81 | return options; | 80 | return options; |
82 | } | 81 | } |
@@ -917,7 +916,7 @@ uint32_t tox_file_send(Tox *tox, uint32_t friend_number, uint32_t kind, uint64_t | |||
917 | return UINT32_MAX; | 916 | return UINT32_MAX; |
918 | 917 | ||
919 | case -2: | 918 | case -2: |
920 | SET_ERROR_PARAMETER(error, TOX_ERR_FILE_SEND_NAME_TOO_LONG); | 919 | SET_ERROR_PARAMETER(error, TOX_ERR_FILE_SEND_NAME_INVALID_LENGTH); |
921 | return UINT32_MAX; | 920 | return UINT32_MAX; |
922 | 921 | ||
923 | case -3: | 922 | case -3: |
diff --git a/toxcore/tox.h b/toxcore/tox.h index 286d323a..1457a70b 100644 --- a/toxcore/tox.h +++ b/toxcore/tox.h | |||
@@ -1396,7 +1396,8 @@ enum TOX_FILE_KIND { | |||
1396 | */ | 1396 | */ |
1397 | TOX_FILE_KIND_DATA, | 1397 | TOX_FILE_KIND_DATA, |
1398 | /** | 1398 | /** |
1399 | * Avatar data. This consists of tox_hash(image) + image. | 1399 | * Avatar filename. This consists of tox_hash(image). |
1400 | * Avatar data. This consists of the image data. | ||
1400 | * | 1401 | * |
1401 | * Avatars can be sent at any time the client wishes. Generally, a client will | 1402 | * Avatars can be sent at any time the client wishes. Generally, a client will |
1402 | * send the avatar to a friend when that friend comes online, and to all | 1403 | * send the avatar to a friend when that friend comes online, and to all |
@@ -1406,8 +1407,8 @@ enum TOX_FILE_KIND { | |||
1406 | * | 1407 | * |
1407 | * Clients who receive avatar send requests can reject it (by sending | 1408 | * Clients who receive avatar send requests can reject it (by sending |
1408 | * TOX_FILE_CONTROL_CANCEL before any other controls), or accept it (by | 1409 | * TOX_FILE_CONTROL_CANCEL before any other controls), or accept it (by |
1409 | * sending TOX_FILE_CONTROL_RESUME). The first chunk will contain the hash in | 1410 | * sending TOX_FILE_CONTROL_RESUME). The filename of length TOX_HASH_LENGTH bytes |
1410 | * its first TOX_HASH_LENGTH bytes. A client can compare this hash with a | 1411 | * will contain the hash. A client can compare this hash with a |
1411 | * saved hash and send TOX_FILE_CONTROL_CANCEL to terminate the avatar | 1412 | * saved hash and send TOX_FILE_CONTROL_CANCEL to terminate the avatar |
1412 | * transfer if it matches. | 1413 | * transfer if it matches. |
1413 | */ | 1414 | */ |
@@ -1551,9 +1552,10 @@ typedef enum TOX_ERR_FILE_SEND { | |||
1551 | */ | 1552 | */ |
1552 | TOX_ERR_FILE_SEND_NAME_EMPTY, | 1553 | TOX_ERR_FILE_SEND_NAME_EMPTY, |
1553 | /** | 1554 | /** |
1554 | * Filename length exceeded 255 bytes. | 1555 | * Filename length exceeded 255 bytes or if kind was equal to TOX_FILE_KIND_AVATAR |
1556 | * the length was not TOX_HASH_LENGTH. | ||
1555 | */ | 1557 | */ |
1556 | TOX_ERR_FILE_SEND_NAME_TOO_LONG, | 1558 | TOX_ERR_FILE_SEND_NAME_INVALID_LENGTH, |
1557 | /** | 1559 | /** |
1558 | * Too many ongoing transfers. The maximum number of concurrent file transfers | 1560 | * Too many ongoing transfers. The maximum number of concurrent file transfers |
1559 | * is 256 per friend per direction (sending and receiving). | 1561 | * is 256 per friend per direction (sending and receiving). |