git.seodisparate.com - UDPConnection/commit

author	Stephen Seo <seo.disparate@gmail.com>
	Wed, 21 Jun 2023 04:23:26 +0000 (13:23 +0900)
committer	Stephen Seo <seo.disparate@gmail.com>
	Wed, 21 Jun 2023 04:23:26 +0000 (13:23 +0900)
commit	2495396d765fdad0f43163ab4eeb2faf51fdf3d5
tree	013f519161305524771a258c2572b9c96665b425	tree \| snapshot
parent	211715fc56e47bccf4ec3f28512107b4c5f84a05	commit \| diff

Fix potential memory corruption bug

UDPC_atostr(...) uses a uint32_t as an offset into a buffer inside the
UDPC Context such that there can be at most 32 different addr-strings.
The call is thread-safe, up to a point (at most 32 concurrent calls will
return correct strings). The problem was that the offset was not being
reset to 0 and was always being incremented by 40. Should the offset
overflow, the offset into the buffer will be "mis-aligned" such that the
32nd offset into the buffer can possibly overwrite memory past the
buffer's end if the addr string is long enough.

The fix is to use a mutex instead of an atomic uint32_t to lock a
code-block that will always prevent overflow (using modulus operator).

I think the speed-loss is negligable (using a lock instead of an atomic
uint32_t) since it isn't expected for programs using UDPC to use
UDPC_atostr(...) very frequently.

src/UDPC_Defines.hpp		diff \| blob \| history
src/UDPConnection.cpp		diff \| blob \| history