- inhibited buffer overflow in NetReaderTask

- check for double registered sockets in NetReadRegister
2008-09-16 14:12:59 +00:00
parent e0c6c635b4
commit 52a93e6cc3
1 changed files with 35 additions and 5 deletions
--- a/nread.c
+++ b/nread.c
@ -126,7 +126,9 @@ extern int VerifyChannel(mkChannel *self); /* defined in network.c */
  int NetReadRegister(pNetRead self, mkChannel *pSock, eNRType eType,
                      SConnection *pCon)
  {
-     NetItem sItem;
+     NetItem sItem, sEntry;
+     char buffer[80];
+     int iRet;
     
     assert(self);
     if(!VerifyChannel(pSock))
@ -142,6 +144,20 @@ extern int VerifyChannel(mkChannel *self); /* defined in network.c */
     sItem.iReadable = 0;
     memset(sItem.pHold,0,511);
     
+     /* check if the entry is already there */
+     iRet = LLDnodePtr2First(self->iList);
+     while(iRet != 0)
+     {
+       LLDnodeDataTo(self->iList,&sEntry);
+       if(sEntry.pSock->sockid == pSock->sockid)
+       {
+          snprintf(buffer, sizeof buffer, "NetReadRegister twice %d type %d", pSock->sockid, eType);
+          WriteToCommandLog("SYS>",buffer);
+          return 1;
+       }
+       iRet = LLDnodePtr2Next(self->iList);
+     }
+
     LLDnodeAppendFrom(self->iList, &sItem);
     return 1;
  }
@ -690,6 +706,8 @@ extern int VerifyChannel(mkChannel *self); /* defined in network.c */
    char num[50];
    IPair *options = NULL;
    char buffer[1024];
+    int bufferLen;
+    static int bufferFull=0;
    
    self = (pNetRead)pData;
    assert(self);
@ -709,6 +727,7 @@ extern int VerifyChannel(mkChannel *self); /* defined in network.c */
    iRet = LLDnodePtr2First(self->iList);
    iCount = 0;
    buffer[0] = '\0';
+    bufferLen = 0;
    while(iRet != 0)
    {
      LLDnodeDataTo(self->iList,&NItem);
@ -716,8 +735,15 @@ extern int VerifyChannel(mkChannel *self); /* defined in network.c */
      {
        break;
      }
-      sprintf(num,"%d, type %d:", NItem.pSock->sockid, NItem.eType);
-      strcat(buffer,num);
+      snprintf(num,sizeof num, "%d, type %d:", NItem.pSock->sockid, NItem.eType);
+      if (bufferLen + strlen(num) < sizeof buffer) {
+        strcpy(buffer + bufferLen, num);
+        bufferLen += strlen(num);
+      } else {
+        if (bufferFull == 0) {
+          bufferFull = 1;
+        }
+      }
      FD_SET(NItem.pSock->sockid,&lMask);
      if(NItem.pSock->sockid > iCount)
      {
@ -727,10 +753,14 @@ extern int VerifyChannel(mkChannel *self); /* defined in network.c */
      iRet = LLDnodePtr2Next(self->iList);
    }
    
-    snprintf(num,50,"%d", conCount);
+    snprintf(num,sizeof num,"%d", conCount);
    IFSetOption(pSICSOptions,"ConnectionCount",num);
    IFSetOption(pSICSOptions,"ConMask",buffer);
    
+    if (bufferFull == 1) {
+      bufferFull = 2;
+      WriteToCommandLog("BUFFERFULL>",buffer);
+    }
    
    /* the select itself */
    tmo.tv_usec = self->iReadTimeout;