From 5c14cd9f7ca1aeb19a7a69ab44e94f025ad39bf4 Mon Sep 17 00:00:00 2001
From: Pierre Ossman <ossman@cendio.se>
Date: Mon, 25 Nov 2024 20:33:40 +0100
Subject: [PATCH] Don't save exceptions as std::exception

That type is not guaranteed to preserve anything useful at all. Instead,
try to either preserve a more specific type, or use std::runtime_error
which at least has a guaranteed message.
---
 common/rdr/TLSInStream.cxx   | 10 +++++++---
 common/rdr/TLSOutStream.cxx  | 10 +++++++---
 common/rfb/DecodeManager.cxx |  2 +-
 3 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/common/rdr/TLSInStream.cxx b/common/rdr/TLSInStream.cxx
index 7c867e88c2..ee2739f4e6 100644
--- a/common/rdr/TLSInStream.cxx
+++ b/common/rdr/TLSInStream.cxx
@@ -64,7 +64,7 @@ ssize_t TLSInStream::pull(gnutls_transport_ptr_t str, void* data, size_t size)
   } catch (std::exception& e) {
     vlog.error("Failure reading TLS data: %s", e.what());
     gnutls_transport_set_errno(self->session, EINVAL);
-    self->saved_exception = new std::exception(e);
+    self->saved_exception = new std::runtime_error(e.what());
     return -1;
   }
 
@@ -117,8 +117,12 @@ size_t TLSInStream::readTLS(uint8_t* buf, size_t len)
     break;
   };
 
-  if (n == GNUTLS_E_PULL_ERROR)
-    throw *saved_exception;
+  if (n == GNUTLS_E_PULL_ERROR) {
+    if (dynamic_cast<socket_error*>(saved_exception))
+      throw *dynamic_cast<socket_error*>(saved_exception);
+    else
+      throw std::runtime_error(saved_exception->what());
+  }
 
   if (n < 0)
     throw tls_error("readTLS", n);
diff --git a/common/rdr/TLSOutStream.cxx b/common/rdr/TLSOutStream.cxx
index 1e555fc15f..365ffd6004 100644
--- a/common/rdr/TLSOutStream.cxx
+++ b/common/rdr/TLSOutStream.cxx
@@ -54,7 +54,7 @@ ssize_t TLSOutStream::push(gnutls_transport_ptr_t str, const void* data,
   } catch (std::exception& e) {
     vlog.error("Failure sending TLS data: %s", e.what());
     gnutls_transport_set_errno(self->session, EINVAL);
-    self->saved_exception = new std::exception(e);
+    self->saved_exception = new std::runtime_error(e.what());
     return -1;
   }
 
@@ -114,8 +114,12 @@ size_t TLSOutStream::writeTLS(const uint8_t* data, size_t length)
   if (n == GNUTLS_E_INTERRUPTED || n == GNUTLS_E_AGAIN)
     return 0;
 
-  if (n == GNUTLS_E_PUSH_ERROR)
-    throw *saved_exception;
+  if (n == GNUTLS_E_PUSH_ERROR) {
+    if (dynamic_cast<socket_error*>(saved_exception))
+      throw *dynamic_cast<socket_error*>(saved_exception);
+    else
+      throw std::runtime_error(saved_exception->what());
+  }
 
   if (n < 0)
     throw tls_error("writeTLS", n);
diff --git a/common/rfb/DecodeManager.cxx b/common/rfb/DecodeManager.cxx
index 09118f36e6..4effe985ed 100644
--- a/common/rfb/DecodeManager.cxx
+++ b/common/rfb/DecodeManager.cxx
@@ -260,7 +260,7 @@ void DecodeManager::throwThreadException()
   if (threadException == nullptr)
     return;
 
-  std::exception e(*threadException);
+  std::runtime_error e(threadException->what());
 
   delete threadException;
   threadException = nullptr;