There is no need to cc me directly, I am subscribed to the list ;) On Tue, 2004-02-24 at 23:14, Thomas Schuerger wrote:
> > What I mean with a is: For example there is a pointer *p > > then in the code there is something like > > > > int x = p->something > > > > g_assert(p) > > > > as you understand, if p would have been NULL it would have allready > > crashed on p->something > > > > b) is expecting data from a connection and assert if the expected data > > is not correct. Only assert when we are sending data which we generated > > ourself. Never assert on received data! > > > > I'll include your files later tonight. Allthough I modified some of them > > a bit. > > I hope you can correct the asserts under point b. > > Thanks for your comments! > > As for a), you are completely right, I was a bit careless there. Thanks > for fixing this. Nevertheless assertion are good, but they should be used the right way. I will probably adjust the code even more to make sure those assertions can be used. > > As for b), I can see no place where I do assertions directly on > received data, where a remote servent can crash the client. Most > assertions are on struct gnutella_node pointers or HSEP table > pointers, which are generated internally. One assertion is for > allocated memory (which depends on the length of received data, but > that should be ok). The other assertions are in hsep_sanity_check(). > This is only an internal check on the HSEP tables that does not > directly work on received data. Received data is processed and checked > within hsep_process_msg(), and only sane data is integrated into the > internal HSEP tables. If those checks are done correctly in > hsep_process_msg() (as far as I can see, they are ok), > hsep_sanity_check() should not fail. > > So note that in fact there are two sanity checks, one for received > data in hsep_process_msg(), where faulty data is simply ignored, and > one for the data currently in the internal HSEP tables in > hsep_sanity_check(), where the data is checked using assertions. > > I'll have a look at the modified files when they have been integrated > into the source tree. Well a quick test indicated that there is a problem then with HSEP, because when I tell it to just pretend every connection to be HSEP enabled it _wil_ assert. I don't have time to look more thoroughly at it the comming days. If you want I can do a full commit, which only enabled HSEP for HSEP enabled clients. But this means CVS has to be updated soon again with an update. So I leave it up to you? You want me to commit the intergration completely? - Jeroen ------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Gtk-gnutella-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/gtk-gnutella-devel
