[Pvfs2-developers] Buffer overflows when using protocol decode
nlmills at g.clemson.edu
Tue Jun 1 12:57:49 EDT 2010
Is there any code in place to prevent buffer overflows when decoding server
messages (requests and responses)? In particular I'm thinking of the
variable-length types like string that are prefixed with their size. It
seems to me that if the size is encoded incorrectly then there is nothing to
prevent the server from attempting to read past the end of the request data.
Buffer overflows are a concern for me because I'm using the encode/decode
functions to serialize some security data. I'd like the implementation to be
as robust as possible; however, if the server code itself doesn't protect
against buffer overflows then there's not much point to me adding it only to
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Pvfs2-developers