From: Michael Tremer <michael.tremer@ipfire.org>
Date: Sat, 3 May 2025 14:02:53 +0000 (+0000)
Subject: xfer: Remove recursive function call
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=eb38b05c8c8b6b9177180478eff8c4037339199e;p=pakfire.git

xfer: Remove recursive function call

I am not sure why I am suddenly scared of this, but there have been some
security-relevant issues where this could exhaust the stack.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/src/pakfire/xfer.c b/src/pakfire/xfer.c
index a3cb11f6..efbb19fd 100644
--- a/src/pakfire/xfer.c
+++ b/src/pakfire/xfer.c
@@ -1008,38 +1008,40 @@ static int pakfire_xfer_socket_recv(struct pakfire_xfer* xfer) {
 	size_t bytes_received = 0;
 
 	// Read as many bytes as possible
-	r = curl_ws_recv(xfer->handle, buffer, sizeof(buffer), &bytes_received, &meta);
-	switch (r) {
-		case CURLE_OK:
-			break;
+	for (;;) {
+		r = curl_ws_recv(xfer->handle, buffer, sizeof(buffer), &bytes_received, &meta);
+		switch (r) {
+			case CURLE_OK:
+				break;
 
-		case CURLE_AGAIN:
-			return 0;
+			case CURLE_AGAIN:
+				return 0;
 
-		// We seem to have lost the connection
-		case CURLE_GOT_NOTHING:
-			return pakfire_xfer_fail(xfer, PAKFIRE_XFER_TRANSPORT_ERROR);
+			// We seem to have lost the connection
+			case CURLE_GOT_NOTHING:
+				return pakfire_xfer_fail(xfer, PAKFIRE_XFER_TRANSPORT_ERROR);
 
-		default:
-			ERROR(xfer->ctx, "Could not read from WebSocket: %s\n", curl_easy_strerror(r));
+			default:
+				ERROR(xfer->ctx, "Could not read from WebSocket: %s\n", curl_easy_strerror(r));
 
-			return r;
-	}
+				return r;
+		}
 
-	DEBUG(xfer->ctx, "Read %zu byte(s) from WebSocket\n", bytes_received);
+		DEBUG(xfer->ctx, "Read %zu byte(s) from WebSocket\n", bytes_received);
 
-	// If we have not received anything, we will wait for being called again
-	if (!bytes_received)
-		return 0;
+		// If we have not received anything, we will wait for being called again
+		if (!bytes_received)
+			return 0;
 
-	// Allocate some buffer space
-	r = pakfire_buffer_push(&xfer->recv_buffer, buffer, bytes_received);
-	if (r < 0)
-		return r;
+		// Allocate some buffer space
+		r = pakfire_buffer_push(&xfer->recv_buffer, buffer, bytes_received);
+		if (r < 0)
+			return r;
 
-	// Call again if this was not the entire message
-	if (meta->flags & CURLWS_CONT)
-		return pakfire_xfer_socket_recv(xfer);
+		// We are done reading the message if the CONT flag is not longer set
+		if (!(meta->flags & CURLWS_CONT))
+			break;
+	}
 
 	DEBUG(xfer->ctx, "We have received a message of %zu byte(s)\n",
 		pakfire_buffer_length(&xfer->recv_buffer));