[ECOS] return value of fdopen in cyg_httpd_process should be checked for validity
Thu Dec 11 11:27:00 GMT 2003
Andrew Lunn <email@example.com> writes:
> On Wed, Dec 10, 2003 at 04:20:41PM +0530, sandeep wrote:
> > function cyg_httpd_process in httpd.c , has code like --
> > FILE *client;
> > ------- snipped -------
> > client = fdopen( client_socket, "r+");
> > /* We are really only interested in the first line.
> > */
> > fgets( request, sizeof(request), client );
> > ...........
> > ...........
> > If malloc fails (tracing fdopen internals) then client will be set
> > to NULL and further referencing of client cause buggy behaviours. So
> > it is clear that a validity check needs to be done on return value
> > of fdopen before going ahead with using it's return value. But what
> > should be the action in that failure case? should one just return
> > from that point? I guess, if we do that, it will make the requesting
> > browser to fail getting any response for it's request and retrying
> > will need to be done. Andrew, is that safe enough?
> Nick is the person to ask, not me. Nick wrote the code. I just added
> IPv6 support.
> Just returning is not enough. Doing that will result in the leak of a
I suspect that the correct thing to do is to send a pre-packaged
response back to the browser saying something like "Server out of
resources". This would have to be done using a plain write() followed
by a close(). It will probably also need to read() the rest of the
request header. All a bit yukky unfortunately.
Nick Garnett eCos Kernel Architect
http://www.ecoscentric.com The eCos and RedBoot experts
Before posting, please read the FAQ: http://sources.redhat.com/fom/ecos
and search the list archive: http://sources.redhat.com/ml/ecos-discuss
More information about the Ecos-discuss