[sysmon-help] Frequently failing Sysmon ping tests...
Morgan Aldridge
morgant at makkintosshu.com
Mon Aug 3 12:41:30 EDT 2009
On Mon, Aug 3, 2009 at 12:40 PM, Morgan
Aldridge<morgant at makkintosshu.com> wrote:
>
> Could it have anything to do with 'buffer' having a length of 1024?
> None of the lines in the source of the page being requested appear to
> have even 255 chars, let alone 1024, but I haven't looked at
> getline_tcp() to see how it determines what one line is.
To continue my thinking outloud...
I took a peek at getline_tcp() in talktcp.c and have a question about
the following part of it:
strncat(buffer, &buf, 1);
if (strlen(buffer) > 200)
{
return 0;
}
Shouldn't that conditional statement be something more like the following?
if (strlen(buffer) >= sizeof(buffer))
I ask this because the buffer that service_test_www() (from http.c)
sends to getline_tcp() is an array of 1024 characters, so isn't
getline_tcp() returning if the length of the string stored in the
buffer exceeds 200 characters, therefore only utilizing about 20% of
the buffer?
Granted, service_test_www() doesn't seem to check the length of buffer
before sending it to print_err() and I didn't immediately see anything
else in getline_tcp() that could cause the out-of-bounds read. Any
other tips so I can get debugging working properly and try to find the
main issue?
Morgan Aldridge
---
morgant at makkintosshu.com
http://www.makkintosshu.com/
More information about the Sysmon-help
mailing list