[sysmon-help] Frequently failing Sysmon ping tests...

Jared Mauch jared at puck.nether.net
Mon Aug 3 15:45:41 EDT 2009


I should have decent network access sometime tomorrow. Will try to
look at this.

Jared Mauch

On Aug 3, 2009, at 12:41 PM, Morgan Aldridge  
<morgant at makkintosshu.com> wrote:

> On Mon, Aug 3, 2009 at 12:40 PM, Morgan
> Aldridge<morgant at makkintosshu.com> wrote:
>>
>> Could it have anything to do with 'buffer' having a length of 1024?
>> None of the lines in the source of the page being requested appear to
>> have even 255 chars, let alone 1024, but I haven't looked at
>> getline_tcp() to see how it determines what one line is.
>
> To continue my thinking out loud...
>
> I took a peek at getline_tcp() in talktcp.c and have a question about
> the following part of it:
>
>   strncat(buffer, &buf, 1);
>   if (strlen(buffer) > 200)
>   {
>       return 0;
>   }
>
> Shouldn't that conditional statement be something more like the  
> following?
>
>   if (strlen(buffer) >= sizeof(buffer))
>
> I ask this because the buffer that service_test_www() (from http.c)
> sends to getline_tcp() is an array of 1024 characters, so isn't
> getline_tcp() returning if the length of the string stored in the
> buffer exceeds 200 characters, therefore only utilizing about 20% of
> the buffer?
>
> Granted, service_test_www() doesn't seem to check the length of buffer
> before sending it to print_err() and I didn't immediately see anything
> else in getline_tcp() that could cause the out-of-bounds read. Any
> other tips so I can get debugging working properly and try to find the
> main issue?
>
> Morgan Aldridge
> ---
> morgant at makkintosshu.com
> http://www.makkintosshu.com/
> _______________________________________________
> Sysmon-help mailing list
> Sysmon-help at puck.nether.net
> https://puck.nether.net/mailman/listinfo/sysmon-help
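
Added example, not sysmon's code and not written by either poster: a sketch of a line reader that takes the caller's buffer capacity explicitly and tests it before each byte is stored, plus a check of what sizeof yields inside a callee. It assumes getline_tcp() receives the buffer as a pointer argument; the names size_seen_by_callee, read_line_bounded and line_from_bytes are hypothetical, and the sample HTTP bytes are constructed.

```c
/* Added example, not sysmon code; all names here are hypothetical. */
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* An array argument decays to a pointer, so sizeof in the callee is the
   pointer size, not the 1024 bytes the caller declared. */
size_t size_seen_by_callee(char *buffer) { return sizeof(buffer); }

/* Read one line from fd into out[cap]. Returns the length without CR/LF,
   -1 on EOF or error before any byte, -2 if the line does not fit. */
long read_line_bounded(int fd, char *out, size_t cap)
{
    size_t len = 0; char c;
    if (cap == 0) return -2;
    out[0] = '\0';
    for (;;) {
        ssize_t n = read(fd, &c, 1);
        if (n <= 0) return len ? (long)len : -1;
        if (c == '\n') break;
        /* Check before storing: room is needed for c and the NUL. */
        if (len + 1 >= cap) return -2;
        out[len++] = c;
        out[len] = '\0';
    }
    if (len && out[len - 1] == '\r') out[--len] = '\0';
    return (long)len;
}

/* Constructed harness: push bytes through a pipe, read one line back. */
long line_from_bytes(const char *data, char *out, size_t cap)
{
    int p[2]; long r;
    size_t n = strlen(data);
    if (pipe(p) != 0) return -1;
    if (write(p[1], data, n) != (ssize_t)n) n = 0;
    close(p[1]);
    r = n ? read_line_bounded(p[0], out, cap) : -1;
    close(p[0]);
    return r;
}

int main(void)
{
    char buffer[1024];
    long n = line_from_bytes("HTTP/1.1 200 OK\r\nServer: x\r\n", buffer, sizeof buffer);
    printf("callee sizeof=%zu, line length=%ld: %s\n", size_seen_by_callee(buffer), n, buffer);
    return 0;
}
```

A length test made after the append, as in the quoted fragment, runs once the byte and its terminating NUL are already written, so a limit equal to the full capacity has to be checked before the store.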

