SFML community forums

Help => Network => Topic started by: deadalnix on October 30, 2011, 06:15:04 pm

Title: Packet has dangerous behaviour with char* and operator >&
Post by: deadalnix on October 30, 2011, 06:15:04 pm

Code: [Select]

Packet& Packet::operator >>(char* data)
{
    // First extract string length
    Uint32 length = 0;
    *this >> length;

    if ((length > 0) && CheckSize(length))
    {
        // Then extract characters
        std::memcpy(data, GetData() + myReadPos, length);
        data[length] = '\0';

        // Update reading position
        myReadPos += length;
    }

    return *this;
}

This piece of code is made for buffer overflow. This function should be aware of teh size pointed by data.

As C++ as a string class, this operator overloading should just be removed in my oppinion. To ensure the possibility of binding throw C, a function can be added like read(char* data, size_t maxCharRead).

Title: Packet has dangerous behaviour with char* and operator >&
Post by: Laurent on October 30, 2011, 07:03:59 pm

You're right. You should add an issue in the task tracker, so that I don't forget it.

Title: Packet has dangerous behaviour with char* and operator >&
Post by: deadalnix on October 31, 2011, 12:16:31 pm

Well I wanted to do it, but it seems that somebody did it for me.