[lwip-users] Possible overflow bug?

lwip-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[lwip-users] Possible overflow bug?

From:	timmy brolin
Subject:	[lwip-users] Possible overflow bug?
Date:	Wed, 10 Aug 2011 06:32:02 -0700

I may have found a possible overflow bug in several places in dhcp:
"
u8_t namelen = (u8_t)strlen(p);
...
LWIP_ASSERT("DHCP: hostname is too long!", namelen < 255);
"
Correct me if I am wrong, but doesn't strlen return int? And then that int is typecasted to u8_t, discarding the high-byte.
This means that the ASSERT is unlikely to detect a overflow problem.

This is not a big problem, since it would only be a real issue if the locally stored hostname is greater than 255 bytes in length. But still, if there is a overflow ASSERT check, it might as well work properly.

Regards,
Timmy Brolin

_______________________________________________________________
Hitta ditt drömjobb - Turism Försäljning Vårdjobb Ekonomi Design Bank Media

[Prev in Thread]

Current Thread

[Next in Thread]

[lwip-users] Possible overflow bug?, timmy brolin <=
- Re: [lwip-users] Possible overflow bug?, Kieran Mansley, 2011/08/11

Prev by Date: Re: [lwip-users] lwip IPv6 with Unix port
Next by Date: Re: [lwip-users] lwip IPv6 with Unix port
Previous by thread: [lwip-users] Delayed Ack causing problems, where to call tcp_nagle_disable()?
Next by thread: Re: [lwip-users] Possible overflow bug?
Index(es):
- Date
- Thread