for the rsync/supersu buffering hack, limit the total buffer depth to 1MB

so that it doesn't cause memory exhaustion in extreme cases
2024-11-13 18:58:57 +00:00 · 2016-06-10 16:05:32 -04:00 · 2016-06-10 16:05:32 -04:00 · 0a033800b6
commit 0a033800b6
parent 4848e35b69
1 changed files with 18 additions and 2 deletions
--- a/jni/buffersu.c
+++ b/jni/buffersu.c
@ -9,6 +9,7 @@

 #define WRAPPED_CMD "/data/data/org.galexander.sshd/lib/librsync.so"
 #define WRAPPED_ARG0 "rsync"
+#define MAX_BUFSZ (1024*1024)


 static void
@ -50,6 +51,17 @@ struct buf {
 	struct block *tail;	/* write here */
 };

+static int
+buf_length(struct buf *b)
+{
+	struct block *p;
+	int ret = 0;
+	for (p = b->head; p; p = p->next) {
+		ret += p->len;
+	}
+	return ret;
+}
+
 static int
 buf_waiting(struct buf *b)
 {
@ -153,8 +165,12 @@ main(int argc, char **argv)
 		while (1) {
 			int s;
 			FD_ZERO(&ifds);
-			FD_SET(0, &ifds);
-			FD_SET(child_stdout, &ifds);
+			if (buf_length(&buf0) < MAX_BUFSZ) {
+				FD_SET(0, &ifds);
+			}
+			if (buf_length(&buf1) < MAX_BUFSZ) {
+				FD_SET(child_stdout, &ifds);
+			}
 			FD_ZERO(&ofds);
 			if (buf_waiting(&buf1)) {
 				FD_SET(1, &ofds);