[Sis-ams] validation of Meta-AMS PDUs

Ray, Timothy J. (GSFC-583.0) timothy.j.ray at nasa.gov
Wed Jun 25 16:56:41 EDT 2008


Dear WG Members,

 

Well, it looks like the problems I was having with validating incoming
MPDUs were caused by my own incompetence rather than the
null-terminators.  I now have a "safe string copy" routine that can
handle either null-terminated or length-prefix format (it is a grand
total of about 40 lines of code).  And the validation logic is complete
(and with the exception of the "safe string copy" routine, identical for
both string formats).

 

It may still make sense to use a length-prefix instead of a
null-terminator, but ease of validation is not a factor.

 

Tim

 

 

________________________________

From: Ray, Timothy J. (GSFC-583.0) 
Sent: Wednesday, June 25, 2008 12:10 PM
To: Ray, Timothy J. (GSFC-583.0); sis-ams at mailman.ccsds.org
Subject: RE: [Sis-ams] validation of Meta-AMS PDUs

 

Perhaps this initial email should have said "validation would probably
be much simpler" rather than "validation would be much simpler".  

 

I'm having a go at performing the validation using the one-byte
string-length prefix to see how much it helps.  I'll report back later
today...

 

Tim

 

________________________________

From: sis-ams-bounces at mailman.ccsds.org
[mailto:sis-ams-bounces at mailman.ccsds.org] On Behalf Of Ray, Timothy J.
(GSFC-583.0)
Sent: Wednesday, June 25, 2008 11:04 AM
To: sis-ams at mailman.ccsds.org
Subject: [Sis-ams] validation of Meta-AMS PDUs

 

Dear WG Members,

 

In my implementation, I am trying to thoroughly validate each incoming
Meta-AMS protocol message (MPDU).  The primary goal is to avoid program
crashes that can occur when an attempt is made to access an array
element beyond the end of the array's allocated memory.  For example, if
the supplementary data includes a field that is supposed to be a
null-terminated character string, but the null-terminator is missing,
avoid any attempts to access past the end of the entire array allocated
to hold the raw MPDU bytes.

 

I'm finding it quite complex to validate MPDUs whose supplementary data
includes null-terminated strings (especially if the strings are buried
within arrays of structures containing sub-structures).  Validation
would be much simpler if, instead of adding a one-byte null terminator
at the end of each string, we added a one-byte length field at the
beginning of each string.  (It would also be possible to add the
one-byte length field and keep the null terminator, although that seems
redundant).

 

Any thoughts/comments?

 

Tim
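
A bounded string copy of the kind discussed in this thread, handling both the null-terminated and the one-byte length-prefix format, as an added example that is not the poster's code and not part of the original messages. The function name, the enum, the policy of rejecting embedded NULs in length-prefixed strings, and the sample bytes are all assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

enum str_format { STR_NUL_TERMINATED, STR_LENGTH_PREFIXED };

/* Copy one string field out of raw PDU bytes. Never reads past buf[buf_len-1]
 * and never writes past dst[dst_size-1]. Returns 0 with dst NUL-terminated and
 * *offset advanced past the field, or -1 with *offset unchanged. */
int safe_string_copy(const unsigned char *buf, size_t buf_len, size_t *offset,
                     enum str_format fmt, char *dst, size_t dst_size)
{
    size_t pos = *offset, len;
    const unsigned char *start;

    if (dst_size == 0 || pos >= buf_len)
        return -1;                      /* field starts beyond the PDU */
    if (fmt == STR_LENGTH_PREFIXED) {
        len = buf[pos];                 /* one-byte length prefix */
        if (len > buf_len - pos - 1)
            return -1;                  /* claimed length overruns the PDU */
        start = buf + pos + 1;
        if (memchr(start, 0, len) != NULL)
            return -1;                  /* example policy: no embedded NULs */
    } else {
        const unsigned char *nul = memchr(buf + pos, 0, buf_len - pos);
        if (nul == NULL)
            return -1;                  /* terminator missing before PDU end */
        start = buf + pos;
        len = (size_t)(nul - start);
    }
    if (len >= dst_size)
        return -1;                      /* would not fit with its terminator */
    memcpy(dst, start, len);
    dst[len] = '\0';
    *offset = pos + len + 1;            /* both formats spend one extra byte */
    return 0;
}

/* Constructed sample fields, not real MPDU contents. */
static const unsigned char NUL_OK[]  = { 'n', 'o', 'd', 'e', 0, 'x', 0 };
static const unsigned char NUL_BAD[] = { 'n', 'o', 'd', 'e' };     /* no NUL */
static const unsigned char LEN_OK[]  = { 4, 'n', 'o', 'd', 'e', 1, 'x' };
static const unsigned char LEN_BAD[] = { 9, 'n', 'o', 'd', 'e' };  /* length lies */

int main(void)
{
    char out[16];
    size_t a = 0, b = 0;
    int ok  = safe_string_copy(LEN_OK, sizeof LEN_OK, &a, STR_LENGTH_PREFIXED, out, sizeof out);
    int bad = safe_string_copy(NUL_BAD, sizeof NUL_BAD, &b, STR_NUL_TERMINATED, out, sizeof out);
    return !(ok == 0 && bad == -1);     /* exit status 0 when both behave */
}
```

Because the offset only moves on success, a caller walking an array of structures can stop at the first -1 and discard the whole PDU.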

 
