Bugtraq mailing list archives
Re: the purpose of dynamic memory allocation
From: alan () LXORGUK UKUU ORG UK (Alan Cox)
Date: Wed, 11 Mar 1998 10:37:32 +0000
while(bytes = recv(sock, buf, bufsize, 0))
    write(fd, buf, bytes);

Normally, recv fails with a 0, but if things go wrong, it will fail with a -1. The third argument to write is UNSIGNED. If that occurs, we'll start at the addr of buf, and attempt to write 4GB to the fd. This is just one example of why I do not consider signed-unsigned mismatch warnings to be inconsequential.

recv returns the number of bytes received, or -1 if there is an error. The only way it can return 0 is if a 0-byte message is received (e.g. a 0-length UDP packet). While I'll agree that complaints about

0 means EOF[1]. The code above is sound until it hits an error, whereupon unless you have 64bit files on a 32bit box it will loop harmlessly erroring the attempt to write 4Gig of data. It's wildly improbable on a 64bit fs aware box it would do anything more than return "bad address" errors. But not checking for -1 is an error.

[1] Who says you can't use recv on non datagram sockets, or on datagram protocols that support EOF

Alan
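
The loop discussed in this thread, written so the recv() result stays signed and both 0 (EOF) and -1 (error) are handled before anything is passed to write(). This is an added example, not code from the original posts; copy_sock_to_fd, demo_copy and demo_error are hypothetical names, and the socketpair/pipe input is constructed for the demonstration.

```c
#include <errno.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Copy sock to fd until EOF. Returns bytes copied, or -1 on any error. */
static long copy_sock_to_fd(int sock, int fd)
{
    char buf[4096];
    long total = 0;
    for (;;) {
        ssize_t n = recv(sock, buf, sizeof buf, 0); /* keep the result signed */
        if (n == 0) return total;                   /* 0 means EOF */
        if (n < 0 && errno == EINTR) continue;      /* interrupted, retry */
        if (n < 0) return -1;                       /* -1 never reaches write() */
        for (ssize_t off = 0; off < n; ) {          /* write() may be short */
            ssize_t w = write(fd, buf + off, (size_t)(n - off));
            if (w < 0 && errno != EINTR) return -1;
            if (w > 0) off += w;
        }
        total += n;
    }
}

/* Constructed input: send msg over a socketpair, close the sender so the
   receiver sees EOF, copy into a pipe, then read the pipe back into out. */
static long demo_copy(const char *msg, char *out, size_t outlen)
{
    int sp[2], pp[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) < 0 || pipe(pp) < 0)
        return -1;
    ssize_t sent = send(sp[0], msg, strlen(msg), 0);
    close(sp[0]);
    long n = sent < 0 ? -1 : copy_sock_to_fd(sp[1], pp[1]);
    close(sp[1]); close(pp[1]);
    if (n > 0 && read(pp[0], out, outlen) != n)
        n = -1;
    close(pp[0]);
    return n;
}

/* Error path: recv() on an invalid descriptor fails with -1. */
static long demo_error(void) { return copy_sock_to_fd(-1, STDOUT_FILENO); }

int main(void)
{
    char out[16] = {0};
    return demo_copy("hello", out, sizeof out) == 5 && demo_error() == -1 ? 0 : 1;
}
```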