This patch fixes a buffer overflow in WIN32 "aRead" and implements
a zero request length optimization in WIN32 "aRead" and "aWrite".
This patch modifies the following files:
src/serial.cpp
This patch is committed on "dev-bcb6-arm" branch between revision
tags "dev-bcb6-arm-0052" and "dev-bcb6-arm-0053".
Index: src/serial.cpp
===================================================================
RCS file: /cvsroot/gnutelephony/testing/commoncpp2/src/serial.cpp,v
retrieving revision 1.1.1.1.2.2
retrieving revision 1.1.1.1.2.3
diff -u -p -r1.1.1.1.2.2 -r1.1.1.1.2.3
--- src/serial.cpp 9 Sep 2005 18:46:36 -0000 1.1.1.1.2.2
+++ src/serial.cpp 9 Sep 2005 22:29:29 -0000 1.1.1.1.2.3
@@ -475,75 +475,74 @@ void Serial::open(const char * fname)
#ifdef WIN32
int Serial::aRead(char * Data, const int Length)
{
- unsigned long dwLength = 0, dwError, dwReadLength;
+ DWORD dwActualLength = 0, dwError = 0, dwReadLength = Length;
COMSTAT cs;
- OVERLAPPED ol;
-
- // Return zero if handle is invalid
- if(!isOpen())
- return 0;
+ OVERLAPPED ol;
- // Read max length or only what is available
- ClearCommError(dev, &dwError, &cs);
+ // Return zero if handle is invalid
+ if(!isOpen())
+ return 0;
- // If not requiring an exact byte count, get whatever is available
- if(dwLength > (int)cs.cbInQue)
- dwReadLength = cs.cbInQue;
- else
- dwReadLength = Length;
+ // Read max length or only what is available
+ ClearCommError(dev, &dwError, &cs);
+
+ // If not requiring an exact byte count, get whatever is available
+ if(dwReadLength > cs.cbInQue)
+ dwReadLength = cs.cbInQue;
- memset(&ol, 0, sizeof(OVERLAPPED));
- ol.hEvent = CreateEvent(NULL, TRUE, FALSE, NULL);
+ if(dwReadLength > 0)
+ {
+ memset(&ol, 0, sizeof(OVERLAPPED));
+ ol.hEvent = CreateEvent(NULL, TRUE, FALSE, NULL);
- if(dwReadLength > 0)
- {
- if(ReadFile(dev, Data, dwReadLength, &dwLength, &ol) == FALSE)
- {
- if(GetLastError() == ERROR_IO_PENDING)
- {
- WaitForSingleObject(ol.hEvent, INFINITE);
- GetOverlappedResult(dev, &ol, &dwLength, TRUE);
- }
- else
- ClearCommError(dev, &dwError, &cs);
- }
+ if(ReadFile(dev, Data, dwReadLength, &dwActualLength,
&ol) == FALSE)
+ {
+ if(GetLastError() == ERROR_IO_PENDING)
+ {
+ WaitForSingleObject(ol.hEvent,
INFINITE);
+ GetOverlappedResult(dev, &ol,
&dwActualLength, TRUE);
+ }
+ else
+ ClearCommError(dev, &dwError, &cs);
+ }
+
+ if(ol.hEvent != INVALID_HANDLE_VALUE)
+ CloseHandle(ol.hEvent);
}
-
- if(ol.hEvent != INVALID_HANDLE_VALUE)
- CloseHandle(ol.hEvent);
-
- return dwLength;
+
+ return dwActualLength;
}
int Serial::aWrite(const char * Data, const int Length)
{
+ DWORD dwActualLength = 0, dwError = 0, dwWriteLength = Length;
COMSTAT cs;
- unsigned long dwError = 0;
- OVERLAPPED ol;
+ OVERLAPPED ol;
- // Clear the com port of any error condition prior to read
+ // Clear the com port of any error condition prior to write
ClearCommError(dev, &dwError, &cs);
- unsigned long retSize = 0;
-
- memset(&ol, 0, sizeof(OVERLAPPED));
- ol.hEvent = CreateEvent(NULL, TRUE, FALSE, NULL);
-
- if(WriteFile(dev, Data, Length, &retSize, &ol) == FALSE)
- {
- if(GetLastError() == ERROR_IO_PENDING)
- {
- WaitForSingleObject(ol.hEvent, INFINITE);
- GetOverlappedResult(dev, &ol, &retSize, TRUE);
- }
- else
- ClearCommError(dev, &dwError, &cs);
- }
-
- if(ol.hEvent != INVALID_HANDLE_VALUE)
- CloseHandle(ol.hEvent);
-
- return retSize;
+ if(dwWriteLength > 0)
+ {
+ memset(&ol, 0, sizeof(OVERLAPPED));
+ ol.hEvent = CreateEvent(NULL, TRUE, FALSE, NULL);
+
+ if(WriteFile(dev, Data, dwWriteLength, &dwActualLength, &ol) ==
FALSE)
+ {
+ if(GetLastError() == ERROR_IO_PENDING)
+ {
+ WaitForSingleObject(ol.hEvent, INFINITE);
+ GetOverlappedResult(dev, &ol, &dwActualLength,
TRUE);
+ }
+ else
+ ClearCommError(dev, &dwError, &cs);
+ }
+
+ if(ol.hEvent != INVALID_HANDLE_VALUE)
+ CloseHandle(ol.hEvent);
+ }
+
+ return dwActualLength;
}
#else
int Serial::aRead(char *Data, const int Length)
_______________________________________________
Bug-commoncpp mailing list
Bug-commoncpp@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-commoncpp
