coffee/cpp-ipc
1
0
Fork 0
mirror of https://github.com/mutouyun/cpp-ipc.git synced 2025-12-07 17:26:48 +08:00
Code Issues Packages Projects Releases Wiki Activity

memory access may out of bounds

Browse Source
This commit is contained in:
zhangyi 2019-03-29 15:12:15 +08:00
parent 1c32826aa2
commit b00ebfe460
1 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/ipc.cpp Normal file → Executable file
View File

@ -57,9 +57,10 @@ struct msg_t {
} }
}; };
buff_t make_cache(void const * data, std::size_t size) { template <typename T>
buff_t make_cache(T& data, std::size_t size) {
auto ptr = mem::alloc(size); auto ptr = mem::alloc(size);
std::memcpy(ptr, data, size); std::memcpy(ptr, &data, (std::min)(sizeof(data), size));
return { ptr, size, mem::free }; return { ptr, size, mem::free };
} }
@ -72,8 +73,10 @@ struct cache_t {
{} {}
void append(void const * data, std::size_t size) { void append(void const * data, std::size_t size) {
std::memcpy(static_cast<byte_t*>(buff_.data()) + fill_, data, size); if (fill_ >= buff_.size() || data == nullptr || size == 0) return;
fill_ += size; auto new_fill = (std::min)(fill_ + size, buff_.size());
std::memcpy(static_cast<byte_t*>(buff_.data()) + fill_, data, new_fill - fill_);
fill_ = new_fill;
} }
}; };
@ -284,7 +287,7 @@ static buff_t recv(ipc::handle_t h, std::size_t tm) {
auto cac_it = rc.find(msg.head_.id_); auto cac_it = rc.find(msg.head_.id_);
if (cac_it == rc.end()) { if (cac_it == rc.end()) {
if (remain <= data_length) { if (remain <= data_length) {
return make_cache(&(msg.data_), remain); return make_cache(msg.data_, remain);
} }
else { else {
// gc // gc
@ -299,7 +302,7 @@ static buff_t recv(ipc::handle_t h, std::size_t tm) {
for (auto id : need_del) rc.erase(id); for (auto id : need_del) rc.erase(id);
} }
// cache the first message fragment // cache the first message fragment
rc.emplace(msg.head_.id_, cache_t { data_length, make_cache(&(msg.data_), remain) }); rc.emplace(msg.head_.id_, cache_t { data_length, make_cache(msg.data_, remain) });
} }
} }
// has cached before this message // has cached before this message