[haiku-commits] Re: haiku: hrev46866 - src/kits/network/libnetapi

• From: Stephan Aßmus <superstippi@xxxxxx>
• To: haiku-commits@xxxxxxxxxxxxx
• Date: Thu, 13 Feb 2014 09:58:05 +0100

Hi,

On 13.02.2014 09:38, pulkomandy@xxxxxxxxxxxxx wrote:

diff --git a/src/kits/network/libnetapi/HttpRequest.cpp 
b/src/kits/network/libnetapi/HttpRequest.cpp
index 2212032..118def0 100644
--- a/src/kits/network/libnetapi/HttpRequest.cpp
+++ b/src/kits/network/libnetapi/HttpRequest.cpp
@@ -23,6 +23,7 @@
  #include <File.h>
  #include <Socket.h>
  #include <SecureSocket.h>
+#include <StackOrHeapArray.h>
  #include <ZlibDecompressor.h>


@@ -699,7 +700,7 @@ BHttpRequest::_MakeRequest()
                                                
decompressor.DecompressNext(inputTempBuffer,
                                                        bytesRead);
                                                ssize_t size = 
decompressorStorage.Size();
-                                               char buffer[size];
+                                               BStackOrHeapArray<char, 4096> 
buffer(size);
                                                size = 
decompressorStorage.Read(buffer, size);
                                                if (size > 0) {
                                                        
fListener->DataReceived(this, buffer, size);
@@ -720,7 +721,7 @@ BHttpRequest::_MakeRequest()
                                                ssize_t size = 
decompressorStorage.Size();
                                                char buffer[size];
                                                size = 
decompressorStorage.Read(buffer, size);
-                                               if (size > 0) {
+                                               if (fListener != NULL && size > 
0) {
                                                        
fListener->DataReceived(this, buffer, size);
                                                }
                                        }

From what I understand, the dynamic stack allocated arrays are a GCC extension anyway and should be avoided. So why do you not use the BStackOrHeapArray in the second chunk of the patch? I haven't read the code in context and don't know if it would suffer from the same potential overflow problem, but the array is of dynamic size in any case, so you should switch it there as well.

Best regards,
-Stephan

• References:
  • [haiku-commits] haiku: hrev46866 - src/kits/network/libnetapi
    • From: pulkomandy

Other related posts:

• » [haiku-commits] haiku: hrev46866 - src/kits/network/libnetapi- pulkomandy
• » [haiku-commits] Re: haiku: hrev46866 - src/kits/network/libnetapi - Stephan Aßmus
• » [haiku-commits] Re: haiku: hrev46866 - src/kits/network/libnetapi- Adrien Destugues
• » [haiku-commits] Re: haiku: hrev46866 - src/kits/network/libnetapi- Axel Dörfler
• » [haiku-commits] Re: haiku: hrev46866 - src/kits/network/libnetapi- Stephan Aßmus
• » [haiku-commits] Re: haiku: hrev46866 - src/kits/network/libnetapi- Jonathan Schleifer
• » [haiku-commits] Re: haiku: hrev46866 - src/kits/network/libnetapi- Jonathan Schleifer
• » [haiku-commits] Re: haiku: hrev46866 - src/kits/network/libnetapi- Axel Dörfler

1. Home
2. haiku-commits
3. Archive
4. 02-2014

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---