
Memory

Jonathan Hanks requested to merge jonathan-hanks/nds2-client:memory into master

Work on issue #89, memory corruption.

Memory is being corrupted when a bad input comes (negative time value) that is converted to positive and printed. The value is larger than the space provided for it, so the command string being generated overflows, corrupting internal data structures on the heap.

This fix introduces several functions modeled after the BSD strlcpy/strlcat which work on character strings with an overall knowledge of the buffer length.

The changes:

  • update the buffer length calculations to use the actual length needed to print a value (instead of hard coding a reasonable maximum)
  • replace the pointer based string manipulation with higher level functions that are guaranteed not to overflow their buffers.
  • check for command string truncation (should not happen due to proper length counting)
  • update the command generation in both nds1_access.c and nds2_access.c
  • merge the internal _nds2_name_list_length and _nds2_get_name_list into one function (_nds2_get_name_list) which can be called to output a channel list and give size, or just give the size that is required to output. This reduces redundant logic which must be kept in sync.
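The measure-then-build approach the description outlines, as an added example in C that is not the project's code: `bounded_cat` and `build_command` are hypothetical names, the command format is a constructed stand-in for the client's real commands, and the negative-time input is modelled as an absolute value with the one value that has no positive counterpart rejected.

```c
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical bounded append in the spirit of BSD strlcat: never writes past
 * dstsize bytes, always NUL-terminates, and returns the length it tried to
 * create so the caller can detect truncation (result >= dstsize). */
static size_t bounded_cat(char *dst, const char *src, size_t dstsize) {
    size_t dlen = 0;
    while (dlen < dstsize && dst[dlen] != '\0') dlen++;
    size_t slen = strlen(src);
    if (dlen == dstsize) return dstsize + slen;   /* dst was not terminated */
    size_t room = dstsize - dlen - 1;
    size_t n = slen < room ? slen : room;
    memcpy(dst + dlen, src, n);
    dst[dlen + n] = '\0';
    return dlen + slen;
}

/* Build a constructed "verb <start> <len>;" command. The buffer is sized from
 * the exact formatted length (snprintf with a NULL buffer) rather than a
 * hard-coded "reasonable maximum", so a negative time value that prints with
 * more digits than expected cannot overflow the heap allocation.
 * Returns a malloc'd string, or NULL on invalid input or detected truncation. */
static char *build_command(const char *verb, long long start, long long len) {
    if (start == LLONG_MIN) return NULL;          /* no positive counterpart */
    unsigned long long ustart = start < 0 ? (unsigned long long)(-start)
                                          : (unsigned long long)start;
    /* pass 1: measure exactly how many bytes the command needs */
    int needed = snprintf(NULL, 0, "%s %llu %lld;", verb, ustart, len);
    if (needed < 0) return NULL;
    size_t size = (size_t)needed + 1;
    char *cmd = malloc(size);
    if (!cmd) return NULL;
    cmd[0] = '\0';
    /* pass 2: assemble with bounded appends instead of raw pointer writes */
    char num[48];
    bounded_cat(cmd, verb, size);
    bounded_cat(cmd, " ", size);
    snprintf(num, sizeof num, "%llu", ustart);
    bounded_cat(cmd, num, size);
    snprintf(num, sizeof num, " %lld;", len);
    size_t final_len = bounded_cat(cmd, num, size);
    if (final_len >= size) { free(cmd); return NULL; }   /* truncation check */
    return cmd;
}
```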
