<html>
<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 11 (filtered)">
<style>
<!--
/* Font Definitions */
@font-face
        {font-family:"MS Mincho";
        panose-1:2 2 6 9 4 2 5 8 3 4;}
@font-face
        {font-family:Tahoma;
        panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
        {font-family:"\@MS Mincho";
        panose-1:2 2 6 9 4 2 5 8 3 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman";}
a:link, span.MsoHyperlink
        {color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {color:purple;
        text-decoration:underline;}
p.StyleParagraph4Kernat14pt, li.StyleParagraph4Kernat14pt, div.StyleParagraph4Kernat14pt
        {margin-top:12.0pt;
        margin-right:0in;
        margin-bottom:0in;
        margin-left:0in;
        margin-bottom:.0001pt;
        text-align:justify;
        line-height:14.0pt;
        font-size:12.0pt;
        font-family:"Times New Roman";}
p.styleparagraph4kernat14pt0, li.styleparagraph4kernat14pt0, div.styleparagraph4kernat14pt0
        {margin-top:12.0pt;
        margin-right:0in;
        margin-bottom:0in;
        margin-left:0in;
        margin-bottom:.0001pt;
        text-align:justify;
        line-height:14.0pt;
        font-size:12.0pt;
        font-family:"Times New Roman";}
p.styleparagraph4kernat14pt00, li.styleparagraph4kernat14pt00, div.styleparagraph4kernat14pt00
        {margin-top:12.0pt;
        margin-right:0in;
        margin-bottom:0in;
        margin-left:0in;
        margin-bottom:.0001pt;
        text-align:justify;
        line-height:14.0pt;
        font-size:12.0pt;
        font-family:"Times New Roman";}
span.emailstyle18
        {font-family:Arial;
        color:windowtext;}
span.emailstyle20
        {font-family:Arial;
        color:navy;}
span.EmailStyle22
        {font-family:Arial;
        color:navy;}
@page Section1
        {size:8.5in 11.0in;
        margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
        {page:Section1;}
/* List Definitions */
ol
        {margin-bottom:0in;}
ul
        {margin-bottom:0in;}
-->
</style>
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>Dear WG Members,</span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>Well, it looks like the problems I was
having with validating incoming MPDUs were caused by my own incompetence rather
than the null-terminators. I now have a “safe string copy”
routine that can handle either null-terminated or length-prefix format (it is a
grand total of about 40 lines of code). And the validation logic is
complete (and with the exception of the “safe string copy” routine,
identical for both string formats).</span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>It may still make sense to use a
length-prefix instead of a null-terminator, but ease of validation is not a
factor.</span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>Tim</span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<div>
<div class=MsoNormal align=center style='text-align:center'><font size=3
face="Times New Roman"><span style='font-size:12.0pt'>
<hr size=2 width="100%" align=center tabindex=-1>
</span></font></div>
<p class=MsoNormal><b><font size=2 face=Tahoma><span style='font-size:10.0pt;
font-family:Tahoma;font-weight:bold'>From:</span></font></b><font size=2
face=Tahoma><span style='font-size:10.0pt;font-family:Tahoma'> Ray, Timothy J.
(GSFC-583.0) <br>
<b><span style='font-weight:bold'>Sent:</span></b> Wednesday, June 25, 2008
12:10 PM<br>
<b><span style='font-weight:bold'>To:</span></b> Ray, Timothy J. (GSFC-583.0);
sis-ams@mailman.ccsds.org<br>
<b><span style='font-weight:bold'>Subject:</span></b> RE: [Sis-ams] validation
of Meta-AMS PDUs</span></font></p>
</div>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'> </span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>Perhaps this initial email should have
said “validation would probably be much simpler” rather than
“validation would be much simpler”. </span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>I’m having a go at performing the
validation using the one-byte string-length prefix to see how much it
helps. I’ll report back later today…</span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>Tim</span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<div>
<div class=MsoNormal align=center style='text-align:center'><font size=3
face="Times New Roman"><span style='font-size:12.0pt'>
<hr size=2 width="100%" align=center tabindex=-1>
</span></font></div>
<p class=MsoNormal><b><font size=2 face=Tahoma><span style='font-size:10.0pt;
font-family:Tahoma;font-weight:bold'>From:</span></font></b><font size=2
face=Tahoma><span style='font-size:10.0pt;font-family:Tahoma'>
sis-ams-bounces@mailman.ccsds.org [mailto:sis-ams-bounces@mailman.ccsds.org] <b><span
style='font-weight:bold'>On Behalf Of </span></b>Ray, Timothy J. (GSFC-583.0)<br>
<b><span style='font-weight:bold'>Sent:</span></b> Wednesday, June 25, 2008
11:04 AM<br>
<b><span style='font-weight:bold'>To:</span></b> sis-ams@mailman.ccsds.org<br>
<b><span style='font-weight:bold'>Subject:</span></b> [Sis-ams] validation of
Meta-AMS PDUs</span></font></p>
</div>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'> </span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>Dear WG Members,</span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'> </span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>In my implementation, I am trying to thoroughly validate
each incoming Meta-AMS protocol message (MPDU). The primary goal is to
avoid program crashes that can occur when an attempt is made to access an array
element beyond the end of the array’s allocated memory. For
example, if the supplementary data includes a field that is supposed to be a
null-terminated character string, but the null-terminator is missing, avoid any
attempts to access past the end of the entire array allocated to hold the raw
MPDU bytes.</span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'> </span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>I’m finding it quite complex to validate MPDUs whose
supplementary data includes null-terminated strings (especially if the strings
are buried within arrays of structures containing sub-structures).
Validation would be much simpler if, instead of adding a one-byte null
terminator at the end of each string, we added a one-byte length field at the
beginning of each string. (It would also be possible to add the one-byte
length field and keep the null terminator, although that seems redundant).</span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'> </span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>Any thoughts/comments?</span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'> </span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'>Tim</span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span style='font-size:10.0pt;
font-family:Arial'> </span></font></p>
</div>
</body>
</html>