Bugtraq mailing list archives
Re: the purpose of dynamic memory allocation
From: jhutz+ () cmu edu (Jeffrey Hutzelman)
Date: Tue, 10 Mar 1998 20:07:21 -0500
Along the same lines, I've seen the following occur: while(bytes = recv(sock, buf, bufsize, 0)) write(fd, buf, bytes); Normally, recv fails with a 0, but if things go wrong, it will fail with a -1. The third argument to write is UNSIGNED. If that occurs, we'll start at the addr of buf, and attempt to write 4GB to the fd. This is just one example of why I do not consider signed-unsigned mismatch warnings to be inconsequential.
recv returns the number of bytes received, or -1 if there is an error. The only way it can return 0 is if a 0-byte message is received (e.g. a 0-length UDP packet). While I'll agree that complaints about size and signed-ness mismatches are a Good Thing, the above code suffers from the (IMHO) much worse problem of failing to check for an error return from recv.... -- Jeffrey T. Hutzelman (N3NHS) <jhutz+ () cmu edu> Systems Programmer School of Computer Science - Research Computing Facility Carnegie Mellon University - Pittsburgh, PA
Current thread:
- the purpose of dynamic memory allocation D. J. Bernstein (Mar 04)
- Re: the purpose of dynamic memory allocation sinster () DARKWATER COM (Mar 05)
- New OpenBSD security web page Theo de Raadt (Mar 06)
- <Possible follow-ups>
- Re: the purpose of dynamic memory allocation tqbf () secnet com (Mar 06)
- Possible Bug in CDE on HP-UX gareth greenaway (Mar 09)
- Re: Possible Bug in CDE on HP-UX Jeremy Brinkley (Mar 10)
- Re: the purpose of dynamic memory allocation David LeBlanc (Mar 10)
- Re: the purpose of dynamic memory allocation Jeffrey Hutzelman (Mar 10)
- Re: the purpose of dynamic memory allocation Alan Cox (Mar 11)
- DoS (and possibly more) on MDaemon for NT/95 Alvaro Martinez Echevarria (Mar 10)
- MDaemon SMTP Server Buffer Overflow's Aleph One (Mar 10)
- Security problem in Slackware. Suman_Saraf (Mar 11)
- Re: Security problem in Slackware. Peter van Dijk (Mar 13)
- /tmp event logger Michal Zalewski (Mar 14)
- Re: /tmp event logger Theo de Raadt (Mar 15)
- Possible Bug in CDE on HP-UX gareth greenaway (Mar 09)
- Vunerable shell scripts Michal Zalewski (Mar 14)
- More broadcast fun T. Freak (Mar 14)
- Midnight Commander /tmp race Michal Zalewski (Mar 15)