From 1d9522a7a66c5cf7b5dbc4ab39dd7cc82760740f Mon Sep 17 00:00:00 2001
From: nicm
Date: Thu, 23 Apr 2026 12:36:15 +0000
Subject: [PATCH] Kill client rather than fatalx on bad file handling messages, reported by Tim Zheng.
---
 file.c | 21 ++++++++++++---------
 server-client.c | 9 ++++++---
 tmux.h | 6 +++---
 3 files changed, 21 insertions(+), 15 deletions(-)
diff --git a/file.c b/file.c
index 030082a5..f13eb862 100644
--- a/file.c
+++ b/file.c
@@ -807,7 +807,7 @@ file_read_cancel(struct client_files *files, struct imsg *imsg)
 }
 /* Handle a write ready message (server). */
-void
+int
 file_write_ready(struct client_files *files, struct imsg *imsg)
 {
 struct msg_write_ready *msg = imsg->data;
@@ -815,19 +815,20 @@ file_write_ready(struct client_files *files, struct imsg *imsg)
 struct client_file find, *cf;
 if (msglen != sizeof *msg)
- fatalx("bad MSG_WRITE_READY size");
+ return (-1);
 find.stream = msg->stream;
 if ((cf = RB_FIND(client_files, files, &find)) == NULL)
- return;
+ return (0);
 if (msg->error != 0) {
 cf->error = msg->error;
 file_fire_done(cf);
 } else
 file_push(cf);
+ return (0);
 }
 /* Handle read data message (server). */
-void
+int
 file_read_data(struct client_files *files, struct imsg *imsg)
 {
 struct msg_read_data *msg = imsg->data;
@@ -837,10 +838,10 @@ file_read_data(struct client_files *files, struct imsg *imsg)
 size_t bsize = msglen - sizeof *msg;
 if (msglen < sizeof *msg)
- fatalx("bad MSG_READ_DATA size");
+ return (-1);
 find.stream = msg->stream;
 if ((cf = RB_FIND(client_files, files, &find)) == NULL)
- return;
+ return (0);
 log_debug("file %d read %zu bytes", cf->stream, bsize);
 if (cf->error == 0 && !cf->closed) {
@@ -850,10 +851,11 @@ file_read_data(struct client_files *files, struct imsg *imsg)
 } else
 file_fire_read(cf);
 }
+ return (0);
 }
 /* Handle a read done message (server). */
-void
+int
 file_read_done(struct client_files *files, struct imsg *imsg)
 {
 struct msg_read_done *msg = imsg->data;
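Review bot: The comment `/* Handle a write ready message (server). */` above file_write_ready no longer tells the reader enough now that the function returns int: nothing states that -1 means a malformed message and that 0 covers both success and an unknown stream. I would extend it to something like `/* Handle a write ready message (server). Returns -1 if the message is malformed, 0 otherwise. */`, and do the same for the comments above file_read_data and file_read_done in the later hunks. The function body continues outside this hunk.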
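Review bot: The `return (-1);` that replaces `fatalx("bad MSG_WRITE_READY size")` drops the only diagnostic that named the malformed message, and the same happens in the file_read_data and file_read_done hunks. What the `bad` label in server_client_dispatch logs is outside this diff, so it may not record which message type or length caused the client to be dropped. A line such as `log_debug("%s: bad MSG_WRITE_READY size %zu", __func__, msglen);` before the return (assuming msglen is a size_t; its declaration is above the hunk) keeps that evidence for anyone investigating a disconnect.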
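Review bot: In file_read_data the initializer `size_t bsize = msglen - sizeof *msg;` still runs before the `msglen < sizeof *msg` check, so for a short message bsize wraps to a very large value before the new `return (-1);` is reached. The value is not used on that path in the visible lines, but the function now returns to a running server instead of aborting, and a later edit that reads bsize ahead of the check would be working with a wrapped, client-supplied length. I would declare `size_t bsize;` and assign `bsize = msglen - sizeof *msg;` immediately after the size check. The start of the function is outside this hunk.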
@@ -861,12 +863,13 @@ file_read_done(struct client_files *files, struct imsg *imsg)
 struct client_file find, *cf;
 if (msglen != sizeof *msg)
- fatalx("bad MSG_READ_DONE size");
+ return (-1);
 find.stream = msg->stream;
 if ((cf = RB_FIND(client_files, files, &find)) == NULL)
- return;
+ return (0);
 log_debug("file %d read done", cf->stream);
 cf->error = msg->error;
 file_fire_done(cf);
+ return (0);
 }
diff --git a/server-client.c b/server-client.c
index 5d090dab..ae12390c 100644
--- a/server-client.c
+++ b/server-client.c
@@ -2239,13 +2239,16 @@ server_client_dispatch(struct imsg *imsg, void *arg)
 goto bad;
 break;
 case MSG_WRITE_READY:
- file_write_ready(&c->files, imsg);
+ if (file_write_ready(&c->files, imsg) != 0)
+ goto bad;
 break;
 case MSG_READ:
- file_read_data(&c->files, imsg);
+ if (file_read_data(&c->files, imsg) != 0)
+ goto bad;
 break;
 case MSG_READ_DONE:
- file_read_done(&c->files, imsg);
+ if (file_read_done(&c->files, imsg) != 0)
+ goto bad;
 break;
 }
diff --git a/tmux.h b/tmux.h
index 63c1e30b..53f69b25 100644
--- a/tmux.h
+++ b/tmux.h
@@ -2949,9 +2949,9 @@ void file_write_data(struct client_files *, struct imsg *);
 void file_write_close(struct client_files *, struct imsg *);
 void file_read_open(struct client_files *, struct tmuxpeer *, struct imsg *,
 int, int, client_file_cb, void *);
-void file_write_ready(struct client_files *, struct imsg *);
-void file_read_data(struct client_files *, struct imsg *);
-void file_read_done(struct client_files *, struct imsg *);
+int file_write_ready(struct client_files *, struct imsg *);
+int file_read_data(struct client_files *, struct imsg *);
+int file_read_done(struct client_files *, struct imsg *);
 void file_read_cancel(struct client_files *, struct imsg *);
 /* server.c */
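Review bot: After this change the file message handlers declared in tmux.h have mixed contracts: file_write_ready, file_read_data and file_read_done return int, while file_write_data, file_write_close, file_read_open and file_read_cancel stay void, and the header gives no hint why. A short comment above the three int prototypes, for example `/* Return -1 on a malformed message; the caller drops the peer. */`, would make the convention visible to anyone adding a new call site. Whether the remaining void handlers still call fatalx on a bad message size is not visible in this diff and would be worth confirming.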