[ENet-discuss] Boundschecker finds bug, fix included

Lee Salzman lsalzman1 at cox.net
Fri Oct 12 07:12:41 PDT 2007


If a tree falls in a forest, and no one is there to hear it, does it 
make a sound? :)

All it is doing is calculating an address; so long as it is not 
dereferencing it, it's OK.

Lee

Ruud van Gaal wrote:
> Hi,
> 
> I've recently obtained v1.1 of ENet. Now, while debugging with BoundsChecker,
> I get a warning in peer.cpp:
> 
> --- peer.cpp ---------------------------------------
> ENetOutgoingCommand *
> enet_peer_queue_outgoing_command (ENetPeer * peer, const ENetProtocol * command, ENetPacket * packet, enet_uint32 offset, enet_uint16 length)
> {
>     ENetChannel * channel = & peer -> channels [command -> header.channelID];            /* <= WARNING HERE */
>     ENetOutgoingCommand * outgoingCommand;
> 
>     peer -> outgoingDataTotal += enet_protocol_command_size (command -> header.command) + length;
> 
>     outgoingCommand = (ENetOutgoingCommand *) enet_malloc (sizeof (ENetOutgoingCommand));
> 
>     if (command -> header.channelID == 0xFF)
>     {
>        ++ peer -> outgoingReliableSequenceNumber;
> 
>        outgoingCommand -> reliableSequenceNumber = peer -> outgoingReliableSequenceNumber;
>        outgoingCommand -> unreliableSequenceNumber = 0;
>     }
> ...
> -----------------------------------------------------
> The problem is that in a connect packet, header.channelID=0xFF and the
> channel ptr is out of bounds. Not really a problem since it's not used in
> that case, but still ugly (the pointer is bad). A fix is:
> 
> ======================================================
> ENetOutgoingCommand *
> enet_peer_queue_outgoing_command (ENetPeer * peer, const ENetProtocol * command, ENetPacket * packet, enet_uint32 offset, enet_uint16 length)
> {
>     ENetChannel * channel;
>     ENetOutgoingCommand * outgoingCommand;
> 
>     peer -> outgoingDataTotal += enet_protocol_command_size (command -> header.command) + length;
> 
>     outgoingCommand = (ENetOutgoingCommand *) enet_malloc (sizeof (ENetOutgoingCommand));
> 
>     if (command -> header.channelID != 0xFF)
>       channel = & peer -> channels [command -> header.channelID];
> 
>     if (command -> header.channelID == 0xFF)
>     {
>        ++ peer -> outgoingReliableSequenceNumber;
> ...
> ========================================================
> 
> I don't have a neat SVN version here (not able to commit), so if somebody
> could add this fix to the code.
> 
> Thanks,
> Ruud
> 
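
The guarded channel lookup discussed in this thread, written out as an added example (not ENet code and not from either poster). The `Channel` and `Peer` structs and both function names are hypothetical, simplified stand-ins, and the per-channel sequence branch is an assumption about the elided code; the lookup checks the ID against the channel count before any address is computed and returns NULL rather than leaving the pointer unset.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PEER_LEVEL_CHANNEL 0xFF  /* sentinel channelID from the thread */

/* Hypothetical, simplified stand-ins for ENetChannel / ENetPeer. */
typedef struct { uint32_t outgoingReliableSequenceNumber; } Channel;
typedef struct {
    Channel *channels;
    size_t   channelCount;
    uint32_t outgoingReliableSequenceNumber;
} Peer;

/* Return the channel for channelID, or NULL for the sentinel and for any
   ID past the end. The index is checked before the address is computed,
   so no out-of-range pointer is ever formed. */
static Channel *peer_channel(Peer *peer, uint8_t channelID)
{
    if (channelID == PEER_LEVEL_CHANNEL || channelID >= peer->channelCount)
        return NULL;
    return &peer->channels[channelID];
}

/* Next reliable sequence number: peer-wide for 0xFF, per channel otherwise
   (the per-channel branch is assumed). Returns 0 when the ID is rejected. */
static uint32_t next_reliable_sequence(Peer *peer, uint8_t channelID)
{
    Channel *channel = peer_channel(peer, channelID);

    if (channelID == PEER_LEVEL_CHANNEL)
        return ++peer->outgoingReliableSequenceNumber;
    if (channel == NULL)
        return 0;               /* invalid channel: reject */
    return ++channel->outgoingReliableSequenceNumber;
}

int main(void)
{
    Channel chans[2] = {{0}, {0}};          /* constructed sample peer */
    Peer peer = { chans, 2, 0 };
    printf("0xFF -> %u\n", (unsigned) next_reliable_sequence(&peer, 0xFF));
    printf("1    -> %u\n", (unsigned) next_reliable_sequence(&peer, 1));
    printf("7    -> %u\n", (unsigned) next_reliable_sequence(&peer, 7));
    return 0;
}
```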


