Re: [VANILLA-LIST:2182] Metaserver solicitation bug?

To: vanilla-list@us.netrek.org
Subject: Re: [VANILLA-LIST:2182] Metaserver solicitation bug?
From: David Swasey <swasey@cs.cmu.edu>
Date: Tue, 23 Mar 1999 21:29:39 -0500
In-reply-to: <36F82D2B.3DA4CBAF@stl.dec.com>
References: <Pine.GSO.4.10.9903240050420.3597-100000@licia.dtek.chalmers.se> <36F82D2B.3DA4CBAF@stl.dec.com>
Sender: swasey@burnt.fox.cs.cmu.edu

Inocuous bugs: you never close the .metaservers file.  Also in solicit(),
it looks as if the static prior is a dead var.

Maybe evil bug:  In solicit() you aren't checking for buffer overflow.
When you sprintf all of that player info to the end of packet[] you could
be blasting in more than MAXMETABYTES, corrupting the stack.  Later when
you copy packet[] to m->prior, if packet[] is longer than MAXMETABYTES
you'll either corrupt some other data or cause a segmentation violation.

A 3rd source of errors that I have no clue about has to do with data
exchange between the metaserver & the netrek server.  Does the
metaserver treat solicited servers differently?  Meaning are there other
communications not covered in solicit.c which could have corrupt data
for soliciting servers but not for "normal" servers?

-dave

On 24 March 99 at 11:09, James Cameron <cameron@stl.dec.com> wrote:
> But I really really want someone who can code to look through solicit.c

References:
- Re: [VANILLA-LIST:2182] Metaserver solicitation bug?
  - From: Mikael Sandstr|m <d4sand@dtek.chalmers.se>
- Re: [VANILLA-LIST:2182] Metaserver solicitation bug?
  - From: James Cameron <cameron@stl.dec.com>
- Re: [VANILLA-LIST:2182] Metaserver solicitation bug?
  - From: James Cameron <cameron@stl.dec.com>

Prev by Date: Re: [VANILLA-LIST:2182] Metaserver solicitation bug?
Next by Date: Re: [VANILLA-LIST:2182] Metaserver solicitation bug?
Prev by thread: Re: [VANILLA-LIST:2182] Metaserver solicitation bug?
Next by thread: Re: [VANILLA-LIST:2182] Metaserver solicitation bug?
Index(es):
- Date
- Thread