From bdac2df4b948a7859b8c0345e44de33b8a58b3bb Mon Sep 17 00:00:00 2001 From: Cameron Gutman Date: Thu, 24 Dec 2020 11:59:33 -0600 Subject: [PATCH] Fixed crash if we get a short read from the Xbox One controller --- .../binding/input/driver/Xbox360Controller.java | 4 ++-- .../binding/input/driver/XboxOneController.java | 10 ++++++++++ 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/app/src/main/java/com/limelight/binding/input/driver/Xbox360Controller.java b/app/src/main/java/com/limelight/binding/input/driver/Xbox360Controller.java index 2c92a6d2..01b2b9a8 100644 --- a/app/src/main/java/com/limelight/binding/input/driver/Xbox360Controller.java +++ b/app/src/main/java/com/limelight/binding/input/driver/Xbox360Controller.java @@ -66,8 +66,8 @@ public class Xbox360Controller extends AbstractXboxController { @Override protected boolean handleRead(ByteBuffer buffer) { - if (buffer.limit() < 14) { - LimeLog.severe("Read too small: "+buffer.limit()); + if (buffer.remaining() < 14) { + LimeLog.severe("Read too small: "+buffer.remaining()); return false; } diff --git a/app/src/main/java/com/limelight/binding/input/driver/XboxOneController.java b/app/src/main/java/com/limelight/binding/input/driver/XboxOneController.java index 065212e1..80249cdc 100644 --- a/app/src/main/java/com/limelight/binding/input/driver/XboxOneController.java +++ b/app/src/main/java/com/limelight/binding/input/driver/XboxOneController.java @@ -101,11 +101,21 @@ public class XboxOneController extends AbstractXboxController { switch (buffer.get()) { case 0x20: + if (buffer.remaining() < 17) { + LimeLog.severe("XBone button/axis read too small: "+buffer.remaining()); + return false; + } + buffer.position(buffer.position()+3); processButtons(buffer); return true; case 0x07: + if (buffer.remaining() < 4) { + LimeLog.severe("XBone mode read too small: "+buffer.remaining()); + return false; + } + // The Xbox One S controller needs acks for mode reports otherwise // it retransmits them forever. if (buffer.get() == 0x30) {