Wireshark-dev: Re: [Wireshark-dev] size_t under Windows ...

From: Richard Sharpe <realrichardsharpe@xxxxxxxxx>
Date: Fri, 24 Nov 2017 12:03:20 -0800
On Fri, Nov 24, 2017 at 11:52 AM, Guy Harris <guy@xxxxxxxxxxxx> wrote:
> On Nov 23, 2017, at 2:12 PM, Richard Sharpe <realrichardsharpe@xxxxxxxxx> wrote:
>
>> I am running into problems with this in my latest build:
>>
>> #if defined(_WIN32)
>>    char *                       cap_pipe_buf;           /**< Pointer
>> to the buffer we read into */
>>    DWORD                        cap_pipe_bytes_to_read; /**< Used by
>> pipe_dispatch */
>>    DWORD                        cap_pipe_bytes_read;    /**< Used by
>> pipe_dispatch */
>
> On Windows, we read from a pipe with ReadFile(), the byte count argument to which is a DWORD, and the "bytes I actually read" argument to which is a pointer to a DWORD.

   110>C:\buildbot\builders\windows-x86-64-petri-dish\windows-x86-64-petri-dish\build\dumpcap.c(2425):
warning C4267: '=': conversion from 'size_t' to 'DWORD', possible loss
of data

which seems to be cause by:

        pcap_src->cap_pipe_bytes_to_read = hdrsize;

and hdrsize is defined as size_t, so there is possible loss of range
on Windows. hdrsize is set from a sizeof but the Windows compiler
likely does not look through multiple steps to see if it is OK.

>> #else
>>    size_t                       cap_pipe_bytes_to_read; /**< Used by
>> pipe_dispatch */
>>    size_t                       cap_pipe_bytes_read;    /**< Used by
>> pipe_dispatch */
>
> On UN*X, we read from a pipe with cap_pipe_read(), which calls ws_read(), which is just a #define for read on UN*X; the byte count argument to read() is a size_t, and the "bytes I actually read, or -1 for error" return value for which is an ssize_t.
>
> What are the problems that this causes?
>
> Perhaps we should simply restrict the number of bytes to be read in any one call to INT_MAX, which should fit in a DWORD, a size_t, or an ssize_t, and thus work on Windows and UN*X, either 32-bit or 64-bit, and declare both cap_pipe_bytes_to_read and cap_pipe_bytes_read to be int.
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives:    https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe



-- 
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)