[En-Nut-Discussion] FYI: Integer overflow in tcp socket write function fixed

Harald Kipp harald.kipp at egnite.de
Wed Sep 30 09:40:44 CEST 2015


Hi Ole,

On 29.09.2015 22:29, Ole Reinhardt wrote:
> 
> I fixed another long time hidden bug in the TCP socket code.
> 
> Both functions suffered from size calculations based on uint16_t
> variables, which resulted in integer overflows, when calling these
> functions with buffer sizes > 64K.

Actually this is not a bug, but a missing documentation item. I assume,
that there are more routines in Nut/OS, where I/O buffers are limited to
32k (not 64k). In most cases this is more than sufficient.

Anyway, without checking all the details, your patch doesn't seem to
hurt and look cleaner to me than drsung's original code.

Regards,

Harald







More information about the En-Nut-Discussion mailing list