[En-Nut-Discussion] FYI: Integer overflow in tcp socket write function fixed
Harald Kipp
harald.kipp at egnite.de
Wed Sep 30 09:40:44 CEST 2015
Hi Ole,
On 29.09.2015 22:29, Ole Reinhardt wrote:
>
> I fixed another long time hidden bug in the TCP socket code.
>
> Both functions suffered from size calculations based on uint16_t
> variables, which resulted in integer overflows, when calling these
> functions with buffer sizes > 64K.
Actually this is not a bug, but a missing documentation item. I assume,
that there are more routines in Nut/OS, where I/O buffers are limited to
32k (not 64k). In most cases this is more than sufficient.
Anyway, without checking all the details, your patch doesn't seem to
hurt and look cleaner to me than drsung's original code.
Regards,
Harald
More information about the En-Nut-Discussion
mailing list