axis-c-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Henrik Nordberg (JIRA)" <axis-c-...@ws.apache.org>
Subject [jira] Updated: (AXISCPP-923) Memory leak in HTTPChannel::ReportError
Date Fri, 03 Feb 2006 21:04:04 GMT
     [ http://issues.apache.org/jira/browse/AXISCPP-923?page=all ]

Henrik Nordberg updated AXISCPP-923:
------------------------------------

    Attachment: AXISCPP-923.patch

This is a largish patch. The main fix is to change the PLATFORM_GET_ERROR_MESSAGE macro to
return a string instead of a string*.
There were other issues in the code related to this. For example: in transport/axis3/HTTPSSLChannel/HTTPSSLChannel.cpp
the old code looked like this:

char		fullMessage[600];
			sprintf( fullMessage,
					 "Failed to open connection to server: \n \
					 hostname='%s'\n\
					 port='%d'\n\
					 Error Message='%s'\
					 Error Code='%d'\n",
					 m_URL.getHostName(), m_URL.getPort(), message->c_str(), (int) dw);

which is a security problem since sprintf() can cause fullMessage to overflow. 
So I changed the error handling code in 9 places to look like this:

+			char pcErr[64], pcPort[64];
+			sprintf(pcErr,"%d",(int)dwError);
+			sprintf(pcPort,"%d",(int)m_URL.getPort());
+			string sMessage = PLATFORM_GET_ERROR_MESSAGE(dwError);
+			string sFullMessage =
+				"Failed to open connection to server: \n \
+				hostname='" + string(m_URL.getHostName()) + "'\n\
+				port='" + string(pcPort) + "'\n\
+				Error Message='" + sMessage + "'\
+				Error Code='" + string(pcErr) + "'\n";

I also had to apply the following const correctness fix:

-HTTPTransportException::HTTPTransportException(const int iExceptionCode, char* pcMessage):AxisException(iExceptionCode)
+HTTPTransportException::HTTPTransportException(const int iExceptionCode, const char* pcMessage):AxisException(iExceptionCode)

I have applied this patch on Linux and run all tests successfully.
This patch file was created on Windows using TortoiseSVN -> Create patch..., so the easiest
way to apply it is probably using TortoiseSVN -> Apply patch...

 - Henrik


> Memory leak in  HTTPChannel::ReportError
> ----------------------------------------
>
>          Key: AXISCPP-923
>          URL: http://issues.apache.org/jira/browse/AXISCPP-923
>      Project: Axis-C++
>         Type: Bug
>   Components: Transport (axis3)
>     Versions: current (nightly)
>  Environment: All platforms, issue found in drop 24-Jan-2006 21:23 
>     Reporter: Emanuel Norrbin
>  Attachments: AXISCPP-923.patch
>
> File: transport\axis3\HTTPChannel\HTTPChannel.cpp
> Method:  void HTTPChannel::ReportError( char * szText1, char * szText2)
> Line: 750 - 755
> void HTTPChannel::ReportError( char * szText1, char * szText2)
> {
>     long        dwMsg = GETLASTERROR
>     string *    sMsg = PLATFORM_GET_ERROR_MESSAGE( dwMsg);
>     char        szMsg[600];
>     sprintf( szMsg, "%s %d %s: '%s'\n", szText1, (int) dwMsg, szText2, sMsg->c_str());
>     m_LastError = szMsg;
> }
> In this method the string* sMsg is never deleted. I don't see why a string* is used
> when a string would have worked just as well, but if a pointer is used it has to be deleted.
> /Emanuel

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message