return BufferTooShort when Connection::recv(...) is called with an em…

…pty buffer Motivation: We should return BufferTooShort if recv is called with an empty buffer to guard against missuse and possible endless loops in users code. Modifications: - Add extra if statement that checks for an empty buffer and return the correct error in this case - Add unit test Result: Less risk for users Fixes ##817.
cloudflare · Jan 31, 2021 · d1e704b · d1e704b
1 parent f236657
commit d1e704b
Showing 1 changed file with 13 additions and 0 deletions.
diff --git a/src/lib.rs b/src/lib.rs
@@ -1466,6 +1466,10 @@ impl Connection {
     pub fn recv(&mut self, buf: &mut [u8]) -> Result<usize> {
         let len = buf.len();
 
+        if len == 0 {
+            return Err(Error::BufferTooShort);
+        }
+
         // Keep track of how many bytes we received from the client, so we
         // can limit bytes sent back before address validation, to a multiple
         // of this. The limit needs to be increased early on, so that if there
@@ -6804,6 +6808,15 @@ mod tests {
         assert_eq!(pipe.server.recv(&mut buf[..written]), Ok(written));
     }
 
+    #[test]
+    fn recv_empty_buffer() {
+        let mut buf = [0; 65535];
+        let mut pipe = testing::Pipe::default().unwrap();
+
+        assert_eq!(pipe.handshake(&mut buf), Ok(()));
+        assert_eq!(pipe.server.recv(&mut buf[..0]), Err(Error::BufferTooShort));
+    }
+
     #[test]
     /// Tests that the MAX_STREAMS frame is sent for bidirectional streams.
     fn stream_limit_update_bidi() {