NDT-DEV email list created

Comment #4 on issue 109 by : C client does not check  
the version compatibility correctly
http://code.google.com/p/ndt/issues/detail?id=109

I see a couple of issues with this,

The main issue is that strncpy() doesn't null terminate the string if the  
string is longer than the allowed size. This means the comparison is  
actually being made on random memory and will be incorrect and could cause  
a segfault.

While unlikely, a check to ensure that 'buff' is long enough needs to be  
done before &buff[strlen(buff) - 6] otherwise this could result in a  
negative index resulting in similar issues.

Also "web100" should be have a capital 'w' i.e. should be "Web100" in the  
comparison see the definition TCP_STAT_NAME here  
https://code.google.com/p/ndt/source/browse/trunk/src/web100srv.h#299.

This could be rewritten as following to avoid strncpy() and the other  
issues as well as duplicated code. I've tested this against the following  
servers 3.6.6-rc1-Web10G, 3.6.6-rc1-Web100 and 3.6.5.2.

  ServerType = "Web100";
  if (strlen(buff) > 8) { // 7 (+ 1 for the 'v' at the start)
    // Since the addition of Web10G the server will append -Web10X
    // We remove this before comparing versions
    if (strcmp(&buff[strlen(buff) - 7], "-Web10G") == 0) {
      ServerType = "Web10G";
      buff[strlen(buff) - 7] = '\0';
    }
    if (strcmp(&buff[strlen(buff) - 7], "-Web100") == 0) {
      buff[strlen(buff) - 7] = '\0';
    }
  }

  if (strcmp(&buff[1], VERSION)) {
    log_println(1, "WARNING: NDT server has different version number (%s)",
                &buff[1]);
  }

--
You received this message because this project is configured to send all  
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings