?
Solved

Perl API problems?

Posted on 2003-03-31
3
Medium Priority
?
195 Views
Last Modified: 2010-03-05
I'm working on a binary ecryption library for perl. The library written in C but my problem is rather perl API related so I'm posting here.
The library receives a few parameters, does the encryption and returns the encrypted data. Before the encryption takes place the required buffer size for the encrypted data is calculated. When this value (nOutDataLen) is calculated sv_setpvn is used to allocate the buffer for the result. The whole context is

     /* set up our output buffer */
     sv_setpvn(svOutData, "", nOutDataLen);

     /* get the pointer to the buffer */
     pOutData = (unsigned char*)SvPV(svOutData, nOutDataLen);
     /* now try and create the blob */
     bRet = EncryptData(pRemoteKey,
                    pLightData,
                    nLightDataLen,
                    pHeavyData,
                    nHeavyDataLen,
                    pOutData,
                    &nOutDataLen);

This code worked fine so far but it turned out recently that if the calculated result length is too long the code is failing. I did some sanity check and found that if nOutDataLen >= 7361 then the library crashes but working fine if nOutDatalength <= 7360.
According to the debug session sv_setpvn is failing.

Interestingly the code is working fine when the compiler optimalisations (used /O1) are turned off.

I have used Win32 for the investigation but the library has similar problems on Linux.

Any thoughts?

TIA

Zoltan Magyar
0
Comment
Question by:zmagyar
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 20

Expert Comment

by:jmcg
ID: 8242965
This line is probably key:

 > Interestingly the code is working fine when the compiler optimalisations (used /O1) are turned off.

One of the things that can cause the compiler to make the wrong decisions when optimizing is "aliasing". Without knowing anything more about your code, I would be most concerned about passing the address of nOutDataLen in your call to EncryptData. If the idea is for the routine to pass back a new, shorter length, you would, I think, want to pass a copy of nOutDataLen rather than the original.

Either that or you just have the calling sequence wrong and it should be nOutDataLen that is being passed rather than its address.
0
 
LVL 1

Author Comment

by:zmagyar
ID: 8243981
Thanks for your comment.

> I would be most concerned about passing the address of
> nOutDataLen in your call to EncryptData. If the idea is
> for the routine to pass back a new, shorter length, you
> would, I think, want to pass a copy of nOutDataLen
> rather than the original.

Unluckily the code doesn't get to this point during the execution. The perl API is crashing in sv_setpvn.

Meanwhile I did a debug build of perl and tried to check a bit further. AFAICS there is some mess with the memory allocation. malloc is failing allocating the memory. :-(

0
 
LVL 20

Accepted Solution

by:
jmcg earned 2000 total points
ID: 8245982
The Perl API documentation for sv_setpv says that the string must be a null-terminated string, but does not include that restriction for sv_setpvn. That makes me think that, instead of the "" string you have used, that you must use a string or buffer with at least nOutDataLen bytes in it as the source or else you run the risk that it'll try copying bytes from non-mapped memory.

It could well be that what you really want to do is malloc the space for the output buffer yourself and call sv_usepvn() on it.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A year or so back I was asked to have a play with MongoDB; within half an hour I had downloaded (http://www.mongodb.org/downloads),  installed and started the daemon, and had a console window open. After an hour or two of playing at the command …
Checking the Alert Log in AWS RDS Oracle can be a pain through their user interface.  I made a script to download the Alert Log, look for errors, and email me the trace files.  In this article I'll describe what I did and share my script.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
Six Sigma Control Plans

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question