summary refs log tree commit diff stats
path: root/lib
diff options
context:
space:
mode:
authorDaniel Martí <mvdan@mvdan.cc>2020-02-13 09:25:55 +0000
committerDrew DeVault <sir@cmpwn.com>2020-02-13 10:26:12 -0500
commit72f55b857b90af85625defd5f048fbb23bbc4595 (patch)
tree7e60fcd8dcac6cba9d7c3fe6442e6fc51e31b41c /lib
parenta82fa2bf23e58a024bf9fcd4ca8dc3d9160d3cba (diff)
downloadaerc-72f55b857b90af85625defd5f048fbb23bbc4595.tar.gz
lib: fix an out of bounds panic in the server
If the message doesn't contain ':', we don't properly discard the
message, so we end up slicing it like msg[:-1].

This can be reproduced if one runs 'aerc foo', as the server receives
'foo' as the message.

'aerc foo' still doesn't do anything very user friendly, but at least it
doesn't panic horribly.

While at it, do the 'got message' log at the very beginning, so that the
user can see what message the server got before reporting the command as
invalid.

Signed-off-by: Daniel Martí <mvdan@mvdan.cc>
Diffstat (limited to 'lib')
-rw-r--r--lib/socket.go3
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/socket.go b/lib/socket.go
index d5db3dc..cdf0f73 100644
--- a/lib/socket.go
+++ b/lib/socket.go
@@ -61,10 +61,11 @@ func (as *AercServer) handleClient(conn net.Conn) {
 	for scanner.Scan() {
 		conn.SetDeadline(time.Now().Add(1 * time.Minute))
 		msg := scanner.Text()
+		as.logger.Printf("unix:%d: got message %s", clientId, msg)
 		if !strings.ContainsRune(msg, ':') {
 			conn.Write([]byte("error: invalid command\n"))
+			continue
 		}
-		as.logger.Printf("unix:%d: got message %s", clientId, msg)
 		prefix := msg[:strings.IndexRune(msg, ':')]
 		switch prefix {
 		case "mailto":