Socket recv() error: invalid pointer or size
Merry christmas in advance! Hope all is well
I got some errors when playing around with memory allocation. (And I dont want to solve it with vector ) ;)
//then I do the things below (only if it's the initial request)
//then it starts over again and continues until I've received all.
Most of the times this works and I receive all data, but sometimes I get error(code: 10014) from recv() which indicates bad pointer or that buflen is to small.
I know for sure that "new_memory" and "buflen" has the right size for the remaining request (after they're updated), so it's not about that.
How about something that makes the pointer invalid or something that happens dynamically, that doesn't work well when it continues to recv?
Best regards
Volang
I got some errors when playing around with memory allocation. (And I dont want to solve it with vector ) ;)
|
|
//then I do the things below (only if it's the initial request)
|
|
//then it starts over again and continues until I've received all.
Most of the times this works and I receive all data, but sometimes I get error(code: 10014) from recv() which indicates bad pointer or that buflen is to small.
I know for sure that "new_memory" and "buflen" has the right size for the remaining request (after they're updated), so it's not about that.
How about something that makes the pointer invalid or something that happens dynamically, that doesn't work well when it continues to recv?
Best regards
Volang
Last edited on
What is
Why does memcpy only copy
full_request_length? Where is it set?Why does memcpy only copy
recv_length bytes? Shouldn't it copy total_recv_length or buflen bytes?
Last edited on
I have the information about the remaining request within the first recv. After I've interpret the first recv I can set the value of "full request length".
"get_request_info()" should be included to the top of that block, The function finds the value of full request length etc.
No. Because this happens only after the first recv(initial request as I mentioned in my post), at that point I haven't received anything else than "recv_length"(initial request)
| //then I do the things below (only if it's the initial request) |
"get_request_info()" should be included to the top of that block, The function finds the value of full request length etc.
| Why does memcpy only copy recv_length bytes? Shouldn't it copy total_recv_length or buflen bytes? |
No. Because this happens only after the first recv(initial request as I mentioned in my post), at that point I haven't received anything else than "recv_length"(initial request)
|
|
At the same time as doing this
total_recv_length += recv_length;
You also need to do this
buflen -= recv_length;
You need to reduce the overall space available for data by the amount you've already received.
> recvbuf[total_recv_length] = '\0';
Also, this is a buffer overflow if recv() actually fills the buffer.
| You also need to do this buflen -= recv_length; |
So the recv() parameter where buflen goes in has nothing to do with the total capacity of the array(recvbuf)? It wants to know how much is left/available?
| > recvbuf[total_recv_length] = '\0'; Also, this is a buffer overflow if recv() actually fills the buffer. |
Nice catch :)
Last edited on
Yes, the 3rd parameter is the number of actual bytes available.
> recv_length = recv(client, &recvbuf[total_recv_length], buflen, 0);
If buflen starts off at 10, and you receive 5 bytes, then the next time around, you have 5 left, not 10.
> recv_length = recv(client, &recvbuf[5], buflen-5, 0);
> recv_length = recv(client, &recvbuf[total_recv_length], buflen, 0);
If buflen starts off at 10, and you receive 5 bytes, then the next time around, you have 5 left, not 10.
> recv_length = recv(client, &recvbuf[5], buflen-5, 0);
Topic archived. No new replies allowed.