Re: [elinks-dev] Errors in bittorent
On Fri, Aug 29, 2008 at 10:38:20PM +0200, Witold Filipczyk wrote: Hi, I noticed a bug in the bittorent protocol code while trying to get an ISO from http://torrents.gentoo.org/. Here is a fix for it. 1) Before the uri was put on the stack and the access that uri later may trash the stack. 2) done_uri expects that uri-string is not NULL, so uri-string points to . That patch wasn't good. I attached the second one. Witek commit b589f19b73c65621c0a8582199509f58dbcac09f Author: Witold Filipczyk [EMAIL PROTECTED] AuthorDate: Sat Aug 30 10:52:00 2008 +0200 Commit: Witold Filipczyk [EMAIL PROTECTED] CommitDate: Sat Aug 30 10:52:00 2008 +0200 An issue with bittorrent. It was possible that the reference to the automatic variable uri of the make_bittorrent_peer_connection trashed the stack. In addition done_uri crashed because uri-string was NULL. Now uri is allocated and unlocked to avoid memleak. diff --git a/src/protocol/bittorrent/peerconnect.c b/src/protocol/bittorrent/peerconnect.c index aeafbf3..5f65e68 100644 --- a/src/protocol/bittorrent/peerconnect.c +++ b/src/protocol/bittorrent/peerconnect.c @@ -20,6 +20,7 @@ #include elinks.h #include config/options.h +#include main/object.h #include main/select.h #include main/timer.h #include network/connection.h @@ -271,9 +272,12 @@ enum bittorrent_state make_bittorrent_peer_connection(struct bittorrent_connection *bittorrent, struct bittorrent_peer *peer_info) { - struct uri uri; + struct string uri_string; + struct uri *uri; struct bittorrent_peer_connection *peer; - unsigned char port[5]; + unsigned char port[6]; + int ip_start, port_start; + int port_length; peer = init_bittorrent_peer_connection(-1); if (!peer) return BITTORRENT_STATE_OUT_OF_MEM; @@ -296,14 +300,32 @@ make_bittorrent_peer_connection(struct bittorrent_connection *bittorrent, /* FIXME: Rather change the make_connection() interface. This is an ugly * hack. */ /* FIXME: Set the ipv6 flag iff ... */ - memset(uri, 0, sizeof(uri)); - uri.protocol = PROTOCOL_BITTORRENT; - uri.host = peer_info-ip; - uri.hostlen = strlen(peer_info-ip); - uri.port = port; - uri.portlen = snprintf(port, sizeof(port), %u, peer_info-port); - - make_connection(peer-socket, uri, send_bittorrent_peer_handshake, 1); + if (!init_string(uri_string)) { + done_bittorrent_peer_connection(peer); + return BITTORRENT_STATE_OUT_OF_MEM; + } + add_to_string(uri_string, bittorrent:); + ip_start = uri_string.length; + add_to_string(uri_string, peer_info-ip); + add_char_to_string(uri_string, ':'); + port_start = uri_string.length; + + port_length = snprintf(port, sizeof(port), %u, peer_info-port); + add_bytes_to_string(uri_string, port, port_length); + uri = get_uri(uri_string.source, URI_BASE); + done_string(uri_string); + if (!uri) { + done_bittorrent_peer_connection(peer); + return BITTORRENT_STATE_OUT_OF_MEM; + } + + uri-host = uri-string + ip_start; + uri-hostlen = port_start - ip_start - 1; + uri-port = uri-string + port_start; + uri-portlen = port_length; + /* Do not lock it. */ + object_unlock(uri); + make_connection(peer-socket, uri, send_bittorrent_peer_handshake, 1); return BITTORRENT_STATE_OK; } ___ elinks-dev mailing list elinks-dev@linuxfromscratch.org http://linuxfromscratch.org/mailman/listinfo/elinks-dev
Re: [elinks-dev] Errors in bittorent
Some comments ... Witold Filipczyk [EMAIL PROTECTED] wrote Sat, Aug 30, 2008: commit b589f19b73c65621c0a8582199509f58dbcac09f Author: Witold Filipczyk [EMAIL PROTECTED] AuthorDate: Sat Aug 30 10:52:00 2008 +0200 Commit: Witold Filipczyk [EMAIL PROTECTED] CommitDate: Sat Aug 30 10:52:00 2008 +0200 An issue with bittorrent. It was possible that the reference to the automatic variable uri of the make_bittorrent_peer_connection trashed the stack. In addition done_uri crashed because uri-string was NULL. Now uri is allocated and unlocked to avoid memleak. diff --git a/src/protocol/bittorrent/peerconnect.c b/src/protocol/bittorrent/peerconnect.c index aeafbf3..5f65e68 100644 --- a/src/protocol/bittorrent/peerconnect.c +++ b/src/protocol/bittorrent/peerconnect.c @@ -20,6 +20,7 @@ #include elinks.h #include config/options.h +#include main/object.h #include main/select.h #include main/timer.h #include network/connection.h @@ -271,9 +272,12 @@ enum bittorrent_state make_bittorrent_peer_connection(struct bittorrent_connection *bittorrent, struct bittorrent_peer *peer_info) { - struct uri uri; + struct string uri_string; + struct uri *uri; struct bittorrent_peer_connection *peer; - unsigned char port[5]; + unsigned char port[6]; + int ip_start, port_start; + int port_length; peer = init_bittorrent_peer_connection(-1); if (!peer) return BITTORRENT_STATE_OUT_OF_MEM; @@ -296,14 +300,32 @@ make_bittorrent_peer_connection(struct bittorrent_connection *bittorrent, /* FIXME: Rather change the make_connection() interface. This is an ugly * hack. */ /* FIXME: Set the ipv6 flag iff ... */ - memset(uri, 0, sizeof(uri)); - uri.protocol = PROTOCOL_BITTORRENT; - uri.host = peer_info-ip; - uri.hostlen = strlen(peer_info-ip); - uri.port = port; - uri.portlen = snprintf(port, sizeof(port), %u, peer_info-port); - - make_connection(peer-socket, uri, send_bittorrent_peer_handshake, 1); + if (!init_string(uri_string)) { + done_bittorrent_peer_connection(peer); + return BITTORRENT_STATE_OUT_OF_MEM; + } + add_to_string(uri_string, bittorrent:); + ip_start = uri_string.length; + add_to_string(uri_string, peer_info-ip); + add_char_to_string(uri_string, ':'); + port_start = uri_string.length; + + port_length = snprintf(port, sizeof(port), %u, peer_info-port); + add_bytes_to_string(uri_string, port, port_length); + uri = get_uri(uri_string.source, URI_BASE); + done_string(uri_string); + if (!uri) { + done_bittorrent_peer_connection(peer); + return BITTORRENT_STATE_OUT_OF_MEM; + } + + uri-host = uri-string + ip_start; + uri-hostlen = port_start - ip_start - 1; + uri-port = uri-string + port_start; + uri-portlen = port_length; + /* Do not lock it. */ + object_unlock(uri); + make_connection(peer-socket, uri, send_bittorrent_peer_handshake, 1); return BITTORRENT_STATE_OK; } Instead of fixing this hack, why don't you add a setup_connection() that make_connection() can use as a wrapper and be done with this. Or if this is bittorrent URI thing actually works, why do you mess with the URI struct yourself? Didn't parse_uri() do all that for you already? Also don't unluck the URI, call done_uri(uri) after the call to make_connection(). Else your checking of add_..._string() calls is a bit sloppy. -- Jonas Fonseca ___ elinks-dev mailing list elinks-dev@linuxfromscratch.org http://linuxfromscratch.org/mailman/listinfo/elinks-dev
Re: [elinks-dev] Errors in bittorent
On Sat, Aug 30, 2008 at 12:24:40PM +0200, Jonas Fonseca wrote: Some comments ... Witold Filipczyk [EMAIL PROTECTED] wrote Sat, Aug 30, 2008: commit b589f19b73c65621c0a8582199509f58dbcac09f Author: Witold Filipczyk [EMAIL PROTECTED] AuthorDate: Sat Aug 30 10:52:00 2008 +0200 Commit: Witold Filipczyk [EMAIL PROTECTED] CommitDate: Sat Aug 30 10:52:00 2008 +0200 An issue with bittorrent. It was possible that the reference to the automatic variable uri of the make_bittorrent_peer_connection trashed the stack. In addition done_uri crashed because uri-string was NULL. Now uri is allocated and unlocked to avoid memleak. Instead of fixing this hack, why don't you add a setup_connection() that make_connection() can use as a wrapper and be done with this. Or if this is bittorrent URI thing actually works, why do you mess with the URI struct yourself? Didn't parse_uri() do all that for you already? Also don't unluck the URI, call done_uri(uri) after the call to make_connection(). It is not so easy, because bittorrent in ELinks uses free syntax. I'm cheating a bit here and using http instead of bittorrent. diff --git a/src/protocol/bittorrent/peerconnect.c b/src/protocol/bittorrent/peerconnect.c index aeafbf3..7a89523 100644 --- a/src/protocol/bittorrent/peerconnect.c +++ b/src/protocol/bittorrent/peerconnect.c @@ -271,9 +271,11 @@ enum bittorrent_state make_bittorrent_peer_connection(struct bittorrent_connection *bittorrent, struct bittorrent_peer *peer_info) { - struct uri uri; + struct string uri_string; + struct uri *uri; struct bittorrent_peer_connection *peer; - unsigned char port[5]; + unsigned char port[6]; + int port_length; peer = init_bittorrent_peer_connection(-1); if (!peer) return BITTORRENT_STATE_OUT_OF_MEM; @@ -296,14 +298,27 @@ make_bittorrent_peer_connection(struct bittorrent_connection *bittorrent, /* FIXME: Rather change the make_connection() interface. This is an ugly * hack. */ /* FIXME: Set the ipv6 flag iff ... */ - memset(uri, 0, sizeof(uri)); - uri.protocol = PROTOCOL_BITTORRENT; - uri.host = peer_info-ip; - uri.hostlen = strlen(peer_info-ip); - uri.port = port; - uri.portlen = snprintf(port, sizeof(port), %u, peer_info-port); - - make_connection(peer-socket, uri, send_bittorrent_peer_handshake, 1); + if (!init_string(uri_string)) { + done_bittorrent_peer_connection(peer); + return BITTORRENT_STATE_OUT_OF_MEM; + } + /* The bittorrent protocol uses free syntax. +* It does not set uri-port nor uri-host */ + add_to_string(uri_string, http://;); + add_to_string(uri_string, peer_info-ip); + add_char_to_string(uri_string, ':'); + port_length = snprintf(port, sizeof(port), %u, peer_info-port); + add_bytes_to_string(uri_string, port, port_length); + + uri = get_uri(uri_string.source, URI_BASE); + done_string(uri_string); + if (!uri) { + done_bittorrent_peer_connection(peer); + return BITTORRENT_STATE_OUT_OF_MEM; + } + uri-protocol = PROTOCOL_BITTORRENT; + make_connection(peer-socket, uri, send_bittorrent_peer_handshake, 1); + done_uri(uri); return BITTORRENT_STATE_OK; } ___ elinks-dev mailing list elinks-dev@linuxfromscratch.org http://linuxfromscratch.org/mailman/listinfo/elinks-dev