I have declared the following struct:
struct PropagateInfo {
string type; // "registrati on", "gossip", "terminatio n"
int initiatePeerID;
};
which I used as follows:
PropagateInfo* initiatePeerInf o = new PropagateInfo;
initiatePeerInf o->type = type; // type is set to "registrati on"
initiatePeerInf o->initiatePeer ID = ID;
cout << "type before sending to overseer: " << initiatePeerInf o->type << \
endl; // prints "registrati on"
// sending the struct initatePeerInfo to the server
if ( (numBytes = sendto(sockfd, (void*)initiate PeerInfo, \
MAX_UDP_PACKET_ SIZE, 0, (struct sockaddr *)&serv_addr, sizeof(struct \
sockaddr))) == -1 ) {
cerr << "send to: " << strerror(errno) << endl;
exit(1);
}
cout << "bytes sent: " << numBytes << endl; // prints 512
/**** server side *****/
numBytes = recvfrom( sockfd, initiatePeer, MAX_UDP_PACKET_ SIZE, 0, (struct
sockaddr *) &peer_addr, &addrLen );
// I have also tried sizeof(struct PropagateInfo) instead of
MAX_UDP_PACKET_ SIZE
cout << "num bytes received: " << numBytes << endl; // prints 512
initiatePeerID = ((PropagateInfo *)initiatePeer)->initiatePeerID ;
cout << "initiatePeerID : " << initiatePeerID << endl; // prints the
correct ID
type = ((PropagateInfo *)initiatePeer)->type;
// error - nothing (i.e. "") is printed!!!
cout << "type after receiving: " << type << endl;
output:
type after receiving:
my question:
Why is ((PropagateInfo *)initiatePeer)->type "registrati on" before sendto;
but "" after recvfrom?!
Thanks for your help.
Documentation: http://linux.com.hk/PenguinWeb/manpa...send§ion=2 2 3265
"William" <wh******@stude nt.cs.uwaterloo .ca> wrote... I have declared the following struct: struct PropagateInfo { string type; // "registrati on", "gossip", "terminatio n"
Keep in mind that 'string' object does not _itself_ contain the chars
it consists of. It allocates it elsewhere, usually in free store. So,
writing out contents of 'type' as if they were consecutive bytes does
not accomplish writing out "registrati on" even if type->c_str() actually
yields "registrati on". That's the problem with serialisation in C++,
it's just not that simple.
int initiatePeerID; };
[...]
William schrieb: I have declared the following struct: struct PropagateInfo { string type; // "registrati on", "gossip", "terminatio n" int initiatePeerID; };
[snip]
// sending the struct initatePeerInfo to the server if ( (numBytes = sendto(sockfd, (void*)initiate PeerInfo, \ MAX_UDP_PACKET_ SIZE, 0, (struct sockaddr *)&serv_addr, sizeof(struct \ sockaddr))) == -1 ) { cerr << "send to: " << strerror(errno) << endl; exit(1); } cout << "bytes sent: " << numBytes << endl; // prints 512
In addition to what Victor said, there is a *major* problem with your
code, plus a few smaller ones:
* the cast to void* is not necessary, but that you felt the need to use
it should have rung every available alarm bell ;)
* use C++ style casts instead
* The big one: you're telling sendto() to send MAX_UDP_PACKET_ SIZE
bytes, which is almost guaranteed to be more than sizeof( PropagateInfo
), resulting in undefined behaviour and the potential for very nasty
things to happen. Now sendto() only reads the data you pass, so it's
fortunately only an invalid memory read. The output of 512 should warn
you. PropagateInfo as declared above is never going to be 512 bytes
large...
/**** server side *****/ numBytes = recvfrom( sockfd, initiatePeer, MAX_UDP_PACKET_ SIZE, 0, (struct sockaddr *) &peer_addr, &addrLen );
* And now for the really big one:
Here you're doing the same, but this time around with an operation
(recvfrom()) that will _write_ past the end of initiatePeer. This kind
of bug (buffer overflow) is the number one cause for security problems
in software, especially when it comes to networking.
// I have also tried sizeof(struct PropagateInfo) instead of MAX_UDP_PACKET_ SIZE
That would have been correct except for the more general problem as
mentioned by Victor.
cout << "num bytes received: " << numBytes << endl; // prints 512
You're quite lucky this statement was still executed instead of your
program crashing. Actually, you're not so lucky because a crash would
have had more warning potential than a somewhat working program :-)
With code as above in a program that receives data from the network,
you're inviting everyone who can send packets to the machine it's
running on to play with it. It shouldn't take more than a few minutes
to create a UDP packet that will result in your program executing any
code on your machine to the sender's delight. Remember, not only your
client can send data to it - firewalls provide some protection, but
maybe you intend your server to be connectable from the outside...
Please get more familiar with how pointers work before you consider
using them in networked applications. And memorise this: Never trust
any data received from the network to be wellformed and benign - the
same holds for any other kind of input. Expect the unexpected and write
code that will cope nicely with the most bizarre input data imaginable.
That said, I'm not at all trying to prevent you from exploring the world
of socket programming nor pointers. Only the issue is very serious and
you should be aware of the security implications.
Cheers,
Malte This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Wim Deprez |
last post by:
Hi group,
I am trying to port a reliable multicast framework for UNIX to Win32 and so
far so good, but I stumbled on the next problem:
in the original code, the programmers use the recvmsg() function and as far
as I know, there is no Windows-version of this function. So I guess I will
have to translate it to a recvfrom(), but that gives some problems.
First of all, in the man pages I read the following:
|
by: D.Frangiskatos |
last post by:
Hi,
I have been working for a few months in project that deals
raw sockets. However recently, and while trying to examine
the contents of the buffer used in recvfrom i was a bit
confused. The buffer was allocated using malloc as it can
be seen next:
do
{
..............
|
by: IMS.Rushikesh |
last post by:
Hi All,
I am trying to execute below code but it gives me an COMException
///// Code Start ////
public string GetName(Excel.Range range)
{
try
{
if (range.Name != null)
|
by: Neil Young |
last post by:
Hello group,
I'm referring to a "rather old thread" (April 21st 2005). Because I also ran
into problems with ASP.NET 2.0 formview and DBNull, but found a way around,
I would like to share my experiences here.
The problem: A given datatable containing nullable datetime or integer
column(s) cannot be fed by a formview, if the edited or inserted date string
is empty. The same in similarity with other typed columns (not tested). This
is...
|
by: Omega |
last post by:
I have a problem with recvfrom(). I get a message and no error occurs,
but the struct sockaddr* from is not filled with sender's data.
The client's source code:
#include "reversi.h"
-------------------------------------------------------------------
int main() {
int socket_id = socket(PF_INET,SOCK_DGRAM,0);
struct sockaddr_in adres;
| |
by: Jack |
last post by:
Hi guys,
I can't figure this out.
rec = recvfrom(sdUDP, buf, BUFSIZE, 0, (struct sockaddr
*)&connectChannel, &chanSizeUDP );
while(1){
if (rec 0){
snt = sendto(sdUDP, buf, rec, 0, (struct sockaddr
*)&connectChannel, chanSizeUDP );
rec = recvfrom(sdUDP, buf, BUFSIZE, 0, (struct sockaddr
|
by: lgwe |
last post by:
I want to receive 200 udp datagrams. Each into a new data string.
But I dont know how to do that, this is wrong:
import socket
s = socket.socket(socket.AF_INET,socket.SOCK_DGRAM)
s.bind(("",port))
i = 0
while i<200:
data,addr = s.recvfrom(1024)
i = +1
|
by: Jeff |
last post by:
Hi,
Fairly new to python, messing with some socket and pcap sniffing and
have come across the following issue while trying to do a pcap_loop
(via pcapy http://oss.coresecurity.com/projects/pcapy.html). I believe
i recall seeing similar stuff using other pcap libs with python in the
past (such as pylibpcap)
in a nutshell, blocking on a read using socket.recvfrom(buf), which
strace shows me is sitting in recvfrom(2) allows ctrl-c to be...
|
by: kardon33 |
last post by:
Is there a difference between the way the function recvfrom and sendto use the address structure.
When i use sento it works fine, but when I try and use recvfrom with the same variables it errors out with (bad address).
Or is there a better way to receive packets from a socket that i just sent to.
Theres some of my source code.
struct sockaddr_in a;
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
| |
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
| |