Implement custom deserializer to add our own sanity checks

This is a rough first implementation in preparation of writing proper serializers independently of QDataStream. Thanks to @chaign_c (https://twitter.com/chaign_c/) for finding issues with QDataStream that prompted this change. (cherry picked from commit 2b777e9))
quassel · Apr 23, 2018 · 18389a7 · 18389a7
1 parent f7fc81c
commit 18389a7
Show file tree

Hide file tree

Showing 5 changed files with 812 additions and 6 deletions.
diff --git a/src/common/CMakeLists.txt b/src/common/CMakeLists.txt
@@ -38,6 +38,8 @@ set(SOURCES
     transfermanager.cpp
     util.cpp
 
+    serializers/serializers.cpp
+
     protocols/datastream/datastreampeer.cpp
     protocols/legacy/legacypeer.cpp
 

diff --git a/src/common/protocols/datastream/datastreampeer.cpp b/src/common/protocols/datastream/datastreampeer.cpp
@@ -24,6 +24,7 @@
 #include <QTcpSocket>
 
 #include "datastreampeer.h"
+#include "serializers/serializers.h"
 
 using namespace Protocol;
 
@@ -58,7 +59,8 @@ void DataStreamPeer::processMessage(const QByteArray &msg)
     QDataStream stream(msg);
     stream.setVersion(QDataStream::Qt_4_2);
     QVariantList list;
-    stream >> list;
+    if (!Serializers::deserialize(stream, list))
+        close("Peer sent corrupt data, closing down!");
     if (stream.status() != QDataStream::Ok) {
         close("Peer sent corrupt data, closing down!");
         return;

diff --git a/src/common/protocols/legacy/legacypeer.cpp b/src/common/protocols/legacy/legacypeer.cpp
@@ -23,6 +23,7 @@
 #include <QTcpSocket>
 
 #include "legacypeer.h"
+#include "serializers/serializers.h"
 
 /* version.inc is no longer used for this */
 const uint protocolVersion = 10;
@@ -62,7 +63,10 @@ void LegacyPeer::processMessage(const QByteArray &msg)
     QVariant item;
     if (_useCompression) {
         QByteArray rawItem;
-        stream >> rawItem;
+        if (!Serializers::deserialize(stream, rawItem)) {
+            close("Peer sent corrupt data: unable to load QVariant!");
+            return;
+        }
 
         int nbytes = rawItem.size();
         if (nbytes <= 4) {
@@ -77,10 +81,15 @@ void LegacyPeer::processMessage(const QByteArray &msg)
 
         QDataStream itemStream(&rawItem, QIODevice::ReadOnly);
         itemStream.setVersion(QDataStream::Qt_4_2);
-        itemStream >> item;
-    }
-    else {
-        stream >> item;
+        if (!Serializers::deserialize(itemStream, item)) {
+            close("Peer sent corrupt data: unable to load QVariant!");
+            return;
+        }
+    } else {
+        if (!Serializers::deserialize(stream, item)) {
+            close("Peer sent corrupt data: unable to load QVariant!");
+            return;
+        }
     }
 
     if (stream.status() != QDataStream::Ok || !item.isValid()) {