This is the mail archive of the ecos-discuss@sources.redhat.com mailing list for the eCos project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

return value of fdopen in cyg_httpd_process should be checked for validity

From: "sandeep" <sandeep at codito dot com>
To: <ecos-discuss at sources dot redhat dot com>
Date: Wed, 10 Dec 2003 16:20:41 +0530
Subject: [ECOS] return value of fdopen in cyg_httpd_process should be checked for validity
Organization: Codito Technologies Pvt. Ltd.

function cyg_httpd_process in httpd.c , has code like --

 FILE *client;
------- snipped -------
 client = fdopen( client_socket, "r+");

 /* We are really only interested in the first line.
  */
 fgets( request, sizeof(request), client );
...........
...........

If malloc fails (tracing fdopen internals) then client will be set to NULL and
further referencing
of client cause buggy behaviours. So it is clear that a validity check needs to
be done on return value of fdopen before going ahead with using it's return
value. But what should be the action in that failure case?

should one just return from that point? I guess, if we do that, it will make the
requesting browser to fail getting any response for it's request and retrying
will need to be done. Andrew, is that safe enough?

I can send the trivial patch for it, once above issue is settled.

peace
sandeep





-- 
Before posting, please read the FAQ: http://sources.redhat.com/fom/ecos
and search the list archive: http://sources.redhat.com/ml/ecos-discuss

Follow-Ups:
- Re: return value of fdopen in cyg_httpd_process should be checked for validity
  - From: Andrew Lunn

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]