This patch fixes a buffer overflow in WIN32 "aRead" and implements a zero request length optimization in WIN32 "aRead" and "aWrite".
This patch modifies the following files: src/serial.cpp This patch is committed on "dev-bcb6-arm" branch between revision tags "dev-bcb6-arm-0052" and "dev-bcb6-arm-0053". Index: src/serial.cpp =================================================================== RCS file: /cvsroot/gnutelephony/testing/commoncpp2/src/serial.cpp,v retrieving revision 1.1.1.1.2.2 retrieving revision 1.1.1.1.2.3 diff -u -p -r1.1.1.1.2.2 -r1.1.1.1.2.3 --- src/serial.cpp 9 Sep 2005 18:46:36 -0000 1.1.1.1.2.2 +++ src/serial.cpp 9 Sep 2005 22:29:29 -0000 1.1.1.1.2.3 @@ -475,75 +475,74 @@ void Serial::open(const char * fname) #ifdef WIN32 int Serial::aRead(char * Data, const int Length) { - unsigned long dwLength = 0, dwError, dwReadLength; + DWORD dwActualLength = 0, dwError = 0, dwReadLength = Length; COMSTAT cs; - OVERLAPPED ol; - - // Return zero if handle is invalid - if(!isOpen()) - return 0; + OVERLAPPED ol; - // Read max length or only what is available - ClearCommError(dev, &dwError, &cs); + // Return zero if handle is invalid + if(!isOpen()) + return 0; - // If not requiring an exact byte count, get whatever is available - if(dwLength > (int)cs.cbInQue) - dwReadLength = cs.cbInQue; - else - dwReadLength = Length; + // Read max length or only what is available + ClearCommError(dev, &dwError, &cs); + + // If not requiring an exact byte count, get whatever is available + if(dwReadLength > cs.cbInQue) + dwReadLength = cs.cbInQue; - memset(&ol, 0, sizeof(OVERLAPPED)); - ol.hEvent = CreateEvent(NULL, TRUE, FALSE, NULL); + if(dwReadLength > 0) + { + memset(&ol, 0, sizeof(OVERLAPPED)); + ol.hEvent = CreateEvent(NULL, TRUE, FALSE, NULL); - if(dwReadLength > 0) - { - if(ReadFile(dev, Data, dwReadLength, &dwLength, &ol) == FALSE) - { - if(GetLastError() == ERROR_IO_PENDING) - { - WaitForSingleObject(ol.hEvent, INFINITE); - GetOverlappedResult(dev, &ol, &dwLength, TRUE); - } - else - ClearCommError(dev, &dwError, &cs); - } + if(ReadFile(dev, Data, dwReadLength, &dwActualLength, &ol) == FALSE) + { + if(GetLastError() == ERROR_IO_PENDING) + { + WaitForSingleObject(ol.hEvent, INFINITE); + GetOverlappedResult(dev, &ol, &dwActualLength, TRUE); + } + else + ClearCommError(dev, &dwError, &cs); + } + + if(ol.hEvent != INVALID_HANDLE_VALUE) + CloseHandle(ol.hEvent); } - - if(ol.hEvent != INVALID_HANDLE_VALUE) - CloseHandle(ol.hEvent); - - return dwLength; + + return dwActualLength; } int Serial::aWrite(const char * Data, const int Length) { + DWORD dwActualLength = 0, dwError = 0, dwWriteLength = Length; COMSTAT cs; - unsigned long dwError = 0; - OVERLAPPED ol; + OVERLAPPED ol; - // Clear the com port of any error condition prior to read + // Clear the com port of any error condition prior to write ClearCommError(dev, &dwError, &cs); - unsigned long retSize = 0; - - memset(&ol, 0, sizeof(OVERLAPPED)); - ol.hEvent = CreateEvent(NULL, TRUE, FALSE, NULL); - - if(WriteFile(dev, Data, Length, &retSize, &ol) == FALSE) - { - if(GetLastError() == ERROR_IO_PENDING) - { - WaitForSingleObject(ol.hEvent, INFINITE); - GetOverlappedResult(dev, &ol, &retSize, TRUE); - } - else - ClearCommError(dev, &dwError, &cs); - } - - if(ol.hEvent != INVALID_HANDLE_VALUE) - CloseHandle(ol.hEvent); - - return retSize; + if(dwWriteLength > 0) + { + memset(&ol, 0, sizeof(OVERLAPPED)); + ol.hEvent = CreateEvent(NULL, TRUE, FALSE, NULL); + + if(WriteFile(dev, Data, dwWriteLength, &dwActualLength, &ol) == FALSE) + { + if(GetLastError() == ERROR_IO_PENDING) + { + WaitForSingleObject(ol.hEvent, INFINITE); + GetOverlappedResult(dev, &ol, &dwActualLength, TRUE); + } + else + ClearCommError(dev, &dwError, &cs); + } + + if(ol.hEvent != INVALID_HANDLE_VALUE) + CloseHandle(ol.hEvent); + } + + return dwActualLength; } #else int Serial::aRead(char *Data, const int Length) _______________________________________________ Bug-commoncpp mailing list Bug-commoncpp@gnu.org http://lists.gnu.org/mailman/listinfo/bug-commoncpp