473,320 Members | 1,883 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

recvfrom gives empty string

I have declared the following struct:
struct PropagateInfo {
string type; // "registration", "gossip", "termination"
int initiatePeerID;
};

which I used as follows:

PropagateInfo* initiatePeerInfo = new PropagateInfo;
initiatePeerInfo->type = type; // type is set to "registration"
initiatePeerInfo->initiatePeerID = ID;

cout << "type before sending to overseer: " << initiatePeerInfo->type << \
endl; // prints "registration"

// sending the struct initatePeerInfo to the server
if ( (numBytes = sendto(sockfd, (void*)initiatePeerInfo, \
MAX_UDP_PACKET_SIZE, 0, (struct sockaddr *)&serv_addr, sizeof(struct \
sockaddr))) == -1 ) {
cerr << "send to: " << strerror(errno) << endl;
exit(1);
}
cout << "bytes sent: " << numBytes << endl; // prints 512
/**** server side *****/
numBytes = recvfrom( sockfd, initiatePeer, MAX_UDP_PACKET_SIZE, 0, (struct
sockaddr *) &peer_addr, &addrLen );
// I have also tried sizeof(struct PropagateInfo) instead of
MAX_UDP_PACKET_SIZE

cout << "num bytes received: " << numBytes << endl; // prints 512
initiatePeerID = ((PropagateInfo*)initiatePeer)->initiatePeerID;
cout << "initiatePeerID: " << initiatePeerID << endl; // prints the
correct ID

type = ((PropagateInfo*)initiatePeer)->type;
// error - nothing (i.e. "") is printed!!!
cout << "type after receiving: " << type << endl;

output:
type after receiving:

my question:
Why is ((PropagateInfo*)initiatePeer)->type "registration" before sendto;
but "" after recvfrom?!

Thanks for your help.

Documentation:
http://linux.com.hk/PenguinWeb/manpa...send&section=2
Jul 23 '05 #1
2 3250
"William" <wh******@student.cs.uwaterloo.ca> wrote...
I have declared the following struct:
struct PropagateInfo {
string type; // "registration", "gossip", "termination"
Keep in mind that 'string' object does not _itself_ contain the chars
it consists of. It allocates it elsewhere, usually in free store. So,
writing out contents of 'type' as if they were consecutive bytes does
not accomplish writing out "registration" even if type->c_str() actually
yields "registration". That's the problem with serialisation in C++,
it's just not that simple.
int initiatePeerID;
};

[...]

Jul 23 '05 #2
William schrieb:
I have declared the following struct:
struct PropagateInfo {
string type; // "registration", "gossip", "termination"
int initiatePeerID;
};
[snip]
// sending the struct initatePeerInfo to the server
if ( (numBytes = sendto(sockfd, (void*)initiatePeerInfo, \
MAX_UDP_PACKET_SIZE, 0, (struct sockaddr *)&serv_addr, sizeof(struct \
sockaddr))) == -1 ) {
cerr << "send to: " << strerror(errno) << endl;
exit(1);
}
cout << "bytes sent: " << numBytes << endl; // prints 512
In addition to what Victor said, there is a *major* problem with your
code, plus a few smaller ones:

* the cast to void* is not necessary, but that you felt the need to use
it should have rung every available alarm bell ;)
* use C++ style casts instead
* The big one: you're telling sendto() to send MAX_UDP_PACKET_SIZE
bytes, which is almost guaranteed to be more than sizeof( PropagateInfo
), resulting in undefined behaviour and the potential for very nasty
things to happen. Now sendto() only reads the data you pass, so it's
fortunately only an invalid memory read. The output of 512 should warn
you. PropagateInfo as declared above is never going to be 512 bytes
large...
/**** server side *****/
numBytes = recvfrom( sockfd, initiatePeer, MAX_UDP_PACKET_SIZE, 0, (struct
sockaddr *) &peer_addr, &addrLen );
* And now for the really big one:
Here you're doing the same, but this time around with an operation
(recvfrom()) that will _write_ past the end of initiatePeer. This kind
of bug (buffer overflow) is the number one cause for security problems
in software, especially when it comes to networking.
// I have also tried sizeof(struct PropagateInfo) instead of
MAX_UDP_PACKET_SIZE
That would have been correct except for the more general problem as
mentioned by Victor.
cout << "num bytes received: " << numBytes << endl; // prints 512


You're quite lucky this statement was still executed instead of your
program crashing. Actually, you're not so lucky because a crash would
have had more warning potential than a somewhat working program :-)

With code as above in a program that receives data from the network,
you're inviting everyone who can send packets to the machine it's
running on to play with it. It shouldn't take more than a few minutes
to create a UDP packet that will result in your program executing any
code on your machine to the sender's delight. Remember, not only your
client can send data to it - firewalls provide some protection, but
maybe you intend your server to be connectable from the outside...

Please get more familiar with how pointers work before you consider
using them in networked applications. And memorise this: Never trust
any data received from the network to be wellformed and benign - the
same holds for any other kind of input. Expect the unexpected and write
code that will cope nicely with the most bizarre input data imaginable.

That said, I'm not at all trying to prevent you from exploring the world
of socket programming nor pointers. Only the issue is very serious and
you should be aware of the security implications.

Cheers,
Malte
Jul 23 '05 #3

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
by: Wim Deprez | last post by:
Hi group, I am trying to port a reliable multicast framework for UNIX to Win32 and so far so good, but I stumbled on the next problem: in the original code, the programmers use the recvmsg()...
2
by: D.Frangiskatos | last post by:
Hi, I have been working for a few months in project that deals raw sockets. However recently, and while trying to examine the contents of the buffer used in recvfrom i was a bit confused. The...
4
by: IMS.Rushikesh | last post by:
Hi All, I am trying to execute below code but it gives me an COMException ///// Code Start //// public string GetName(Excel.Range range) { try { if (range.Name != null)
0
by: Neil Young | last post by:
Hello group, I'm referring to a "rather old thread" (April 21st 2005). Because I also ran into problems with ASP.NET 2.0 formview and DBNull, but found a way around, I would like to share my...
9
by: Omega | last post by:
I have a problem with recvfrom(). I get a message and no error occurs, but the struct sockaddr* from is not filled with sender's data. The client's source code: #include "reversi.h"...
1
by: Jack | last post by:
Hi guys, I can't figure this out. rec = recvfrom(sdUDP, buf, BUFSIZE, 0, (struct sockaddr *)&connectChannel, &chanSizeUDP ); while(1){ if (rec 0){ snt = sendto(sdUDP, buf, rec, 0, (struct...
2
by: lgwe | last post by:
I want to receive 200 udp datagrams. Each into a new data string. But I dont know how to do that, this is wrong: import socket s = socket.socket(socket.AF_INET,socket.SOCK_DGRAM)...
0
by: Jeff | last post by:
Hi, Fairly new to python, messing with some socket and pcap sniffing and have come across the following issue while trying to do a pcap_loop (via pcapy...
2
by: kardon33 | last post by:
Is there a difference between the way the function recvfrom and sendto use the address structure. When i use sento it works fine, but when I try and use recvfrom with the same variables it errors...
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.