[Sis-ams] validation of Meta-AMS PDUs
Ray, Timothy J. (GSFC-583.0)
timothy.j.ray at nasa.gov
Wed Jun 25 16:56:41 EDT 2008
Dear WG Members,
Well, it looks like the problems I was having with validating incoming
MPDUs were caused by my own incompetence rather than the
null-terminators. I now have a "safe string copy" routine that can
handle either null-terminated or length-prefix format (it is a grand
total of about 40 lines of code). And the validation logic is complete
(and with the exception of the "safe string copy" routine, identical for
both string formats).
It may still make sense to use a length-prefix instead of a
null-terminator, but ease of validation is not a factor.
Tim
________________________________
From: Ray, Timothy J. (GSFC-583.0)
Sent: Wednesday, June 25, 2008 12:10 PM
To: Ray, Timothy J. (GSFC-583.0); sis-ams at mailman.ccsds.org
Subject: RE: [Sis-ams] validation of Meta-AMS PDUs
Perhaps this initial email should have said "validation would probably
be much simpler" rather than "validation would be much simpler".
I'm having a go at performing the validation using the one-byte
string-length prefix to see how much it helps. I'll report back later
today...
Tim
________________________________
From: sis-ams-bounces at mailman.ccsds.org
[mailto:sis-ams-bounces at mailman.ccsds.org] On Behalf Of Ray, Timothy J.
(GSFC-583.0)
Sent: Wednesday, June 25, 2008 11:04 AM
To: sis-ams at mailman.ccsds.org
Subject: [Sis-ams] validation of Meta-AMS PDUs
Dear WG Members,
In my implementation, I am trying to thoroughly validate each incoming
Meta-AMS protocol message (MPDU). The primary goal is to avoid program
crashes that can occur when an attempt is made to access an array
element beyond the end of the array's allocated memory. For example, if
the supplementary data includes a field that is supposed to be a
null-terminated character string, but the null-terminator is missing,
avoid any attempts to access past the end of the entire array allocated
to hold the raw MPDU bytes.
I'm finding it quite complex to validate MPDUs whose supplementary data
includes null-terminated strings (especially if the strings are buried
within arrays of structures containing sub-structures). Validation
would be much simpler if, instead of adding a one-byte null terminator
at the end of each string, we added a one-byte length field at the
beginning of each string. (It would also be possible to add the
one-byte length field and keep the null terminator, although that seems
redundant).
Any thoughts/comments?
Tim
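Added example (not part of the original thread, and not Tim's routine): one way a bounded string-copy helper can validate either string format against the end of the raw MPDU buffer. The function name, signature, enum and sample bytes are assumptions made for illustration, as is the choice to reject a NUL embedded in a length-prefixed string.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum str_format { STR_NUL_TERMINATED, STR_LENGTH_PREFIXED };

/* Hypothetical helper: copy one string field starting at mpdu[*pos] into out.
 * Returns 0 and advances *pos past the field; returns -1 (with *pos unchanged)
 * if the field would run past mpdu_len or would not fit in out. */
int safe_string_copy(const uint8_t *mpdu, size_t mpdu_len, size_t *pos,
                     enum str_format fmt, char *out, size_t out_cap)
{
    size_t start, len, consumed;

    if (!mpdu || !pos || !out || out_cap == 0 || *pos >= mpdu_len)
        return -1;
    if (fmt == STR_LENGTH_PREFIXED) {
        len = mpdu[*pos];                       /* one-byte length prefix */
        start = *pos + 1;
        if (len > mpdu_len - start)             /* declared length overruns buffer */
            return -1;
        if (memchr(mpdu + start, '\0', len))    /* example's choice: no embedded NUL */
            return -1;
        consumed = 1 + len;
    } else {
        /* Search for the terminator only within the bytes that remain. */
        const uint8_t *nul = memchr(mpdu + *pos, '\0', mpdu_len - *pos);
        if (!nul)                               /* terminator missing */
            return -1;
        start = *pos;
        len = (size_t)(nul - (mpdu + start));
        consumed = len + 1;
    }
    if (len >= out_cap)                         /* need room for our own NUL */
        return -1;
    memcpy(out, mpdu + start, len);
    out[len] = '\0';
    *pos += consumed;
    return 0;
}

int main(void)
{
    /* Constructed bytes: "ab" NUL-terminated, "cd" length-prefixed, then a
     * length prefix (9) that claims more bytes than remain in the buffer. */
    static const uint8_t mpdu[] = { 'a', 'b', 0, 2, 'c', 'd', 9, 'x' };
    enum str_format fmts[] = { STR_NUL_TERMINATED, STR_LENGTH_PREFIXED, STR_LENGTH_PREFIXED };
    char out[16];
    size_t pos = 0;
    for (int i = 0; i < 3; i++) {
        int rc = safe_string_copy(mpdu, sizeof mpdu, &pos, fmts[i], out, sizeof out);
        printf("field %d: rc=%d pos=%zu value=%s\n", i, rc, pos, rc ? "(rejected)" : out);
    }
    return 0;
}
```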