9fans - fans of the OS Plan 9 from Bell Labs
From: "Mathieu L." <lejatorn@gmail.com>
To: 9fans@9fans.net
Subject: [9fans] dial and buffer overflow
Date: Sat,  4 Jul 2009 17:43:44 +0200
Message-ID: <20ae243dee85d9b5376291922dbbbd3f@smgl.fr.eu.org>

Hello all,

I have this piece of code that looks like this:

	for (int i=0; i<5 ; i++){
		for (int j=0; j<HASHSIZE; j++)
			print("%.2ux", (tor->sha1list)[i][j]);
		print("\n");
	}

	print("addr called: %s\n",netmkaddr(address, "tcp", port));
	ctlfd = dial(netmkaddr(address, "tcp", port), 0, 0, 0);
	if(ctlfd < 0){
		fprint(2, "can't dial %s: %r\n", address);
		exits("dialing");
	}

	for (int i=0; i<5 ; i++){
		for (int j=0; j<HASHSIZE; j++)
			print("%.2ux", (tor->sha1list)[i][j]);
		print("\n");
	}

which gives that kind of input:

f8c3f943edf54d28e3f894e9416d5312a49c3916
5d7a30beaef2b56a06b8aea37cd3263698825ec3
b456f6749bf907233c183c04277569aa0833e386
3e2d9cee1e07d3d770f1a6081a006394cb4b35d3
c43a3bd4caa813a75f58096068309ede6e96cacd
addr called: tcp!127.0.0.1!6895
6970000034930300eb9803000e0000000e000000
5d7a30bed80802313cc70000349303003ffd0100
b456f6749bf907233c183c04277569aa0833e386
3e2d9cee1e07d3d770f1a6081a006394cb4b35d3
c43a3bd4caa813a75f58096068309ede6e96cacd

so it seems like something happens when calling dial which modifies what
I have in memory pointed by tor->sha1list[i], and that is of course not
what I want, as those values should have nothing to do with the call to
dial itself.

the various tor->sha1list[i][j] were allocated and set earlier in the
code, and I don't think I wrote out of their boundaries when I did so
since I can free() them all just before the call to dial() without getting
an error. Although I'm not sure that's a conclusive enough test, is it?

It's on 9vx so I can't use acid or leak since both systematically freeze
9vx here.

Does anyone have an idea on what I'm doing wrong or how to debug that
further?

Thanks,
Mathieu
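
An added example, not part of the original post: one way to test the rows directly instead of inferring from free() is to wrap each allocation in canary bytes and check them before and after the suspect call. It is portable C rather than Plan 9 libc, and guard_alloc, guard_check, guard_free and fill_row are hypothetical names; the sample hash bytes are constructed.

```c
#include <stdlib.h>
#include <string.h>

enum { HASHSIZE = 20, GUARD = 8, CANARY = 0xA5 };  /* 20 bytes = the 40 hex digits per row */
#define HDR sizeof(size_t)

/* Layout: [size_t n][GUARD canary bytes][n user bytes][GUARD canary bytes] */
void *guard_alloc(size_t n)
{
	unsigned char *raw = malloc(HDR + 2*GUARD + n);
	if(raw == NULL)
		return NULL;
	memcpy(raw, &n, HDR);
	memset(raw + HDR, CANARY, GUARD);
	memset(raw + HDR + GUARD + n, CANARY, GUARD);
	return raw + HDR + GUARD;
}

/* 0 = intact, 1 = written before the block, 2 = written past its end, 3 = both */
int guard_check(const void *p)
{
	const unsigned char *raw = (const unsigned char*)p - GUARD - HDR;
	size_t n, i;
	int r = 0;
	memcpy(&n, raw, HDR);
	for(i = 0; i < GUARD; i++){
		if(raw[HDR + i] != CANARY) r |= 1;
		if(raw[HDR + GUARD + n + i] != CANARY) r |= 2;
	}
	return r;
}

void guard_free(void *p) { free((unsigned char*)p - GUARD - HDR); }

/* Constructed scenario: allocate `allocated` bytes for a row, then store a full hash in it. */
int fill_row(size_t allocated)
{
	unsigned char hash[HASHSIZE] = {0xf8, 0xc3, 0xf9, 0x43};  /* constructed sample bytes */
	unsigned char *row;
	int r;
	/* refuse sizes whose spill would leave our own trailing guard area */
	if(allocated + GUARD < HASHSIZE || (row = guard_alloc(allocated)) == NULL)
		return -1;
	memcpy(row, hash, HASHSIZE);
	r = guard_check(row);
	guard_free(row);
	return r;
}

int main(void) { return fill_row(HASHSIZE) != 0 || fill_row(HASHSIZE - 4) != 2; }
```

Calling guard_check on every row immediately before and after a call such as dial() separates a row that was already overrun when it was filled from a row that was intact and then changed by something else.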
