<div dir="ltr">Hello.<div><br></div><div>Thank you Johnny.</div><div>I will create a pull request as soon as I create the tests.</div><div><br></div><div>Cheers,</div><div>Joovan Bunjevacki</div></div><div class="gmail_extra"><br><div class="gmail_quote">2016-04-25 9:45 GMT+02:00 Johnny Willemsen <span dir="ltr"><<a href="mailto:jwillemsen@remedy.nl" target="_blank">jwillemsen@remedy.nl</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi,<br>
<br>
See TAO/tests/ for all current tests we have. Maybe start with a copy of<br>
TAO/tests/Hello and use a small perl based http server to simulate your<br>
webserver. The <a href="http://run_test.pl" rel="noreferrer" target="_blank">run_test.pl</a> can be adapted for that, your unit test<br>
should fail without the patch, success with the patch.<br>
<span class=""><br>
Best regards,<br>
<br>
Johnny Willemsen<br>
Remedy IT<br>
Postbus 81 | 6930 AB Westervoort | The Netherlands<br>
<a href="http://www.remedy.nl" rel="noreferrer" target="_blank">http://www.remedy.nl</a><br>
<br>
</span><span class="">On 04/25/2016 09:22 AM, BJovke . wrote:<br>
> Hello.<br>
><br>
> I'm not sure how to create test for this.<br>
> I can create the full test with all the code and Perl script to run it<br>
> but in my own way of coding.<br>
> I see that there is some specific form of code in which the tests should<br>
> be made.<br>
> Do you have some info on how to create the test in required form?<br>
> Sorry for the questions, I really want to create this request but I<br>
> don't know where to find more information.<br>
><br>
> Thank you and greetings,<br>
> Jovan Bunjevački.<br>
><br>
><br>
> 2016-04-20 11:51 GMT+02:00 Johnny Willemsen <<a href="mailto:jwillemsen@remedy.nl">jwillemsen@remedy.nl</a><br>
</span>> <mailto:<a href="mailto:jwillemsen@remedy.nl">jwillemsen@remedy.nl</a>>>:<br>
<div><div class="h5">><br>
> Hi,<br>
><br>
> Thanks for using the PRF form. Please open a pull request at<br>
> <a href="https://github.com/DOCGroup/ATCD/" rel="noreferrer" target="_blank">https://github.com/DOCGroup/ATCD/</a> with the necessary fixes and<br>
> extensions to our unit tests to reproduce this.<br>
><br>
> Best regards,<br>
><br>
> Johnny Willemsen<br>
> Remedy IT<br>
> Postbus 81 | 6930 AB Westervoort | The Netherlands<br>
> <a href="http://www.remedy.nl" rel="noreferrer" target="_blank">http://www.remedy.nl</a><br>
><br>
> On 04/20/2016 11:27 AM, BJovke . wrote:<br>
> > :)) Well, I've just noticed that initial "buf" is also not zero terminated.<br>
> > For strstr this is critical.<br>
> > So here is the fix with this correction included:<br>
> ><br>
> > SAMPLE FIX/WORKAROUND:<br>
> ><br>
> > int<br>
> > TAO_HTTP_Reader::receive_reply (void)<br>
> > {<br>
> > size_t num_recvd = 0;<br>
> > char buf [MTU+1];<br>
> > char *buf_ptr = 0;<br>
> > size_t bytes_read = 0;<br>
> ><br>
> > // Receive the first MTU bytes and strip the header off.<br>
> > // Note that we assume that the header will fit into MTU bytes.<br>
> > if (peer ().recv_n (buf, MTU, 0, &num_recvd) >= 0)<br>
> > {<br>
> > // Zero terminate buf.<br>
> > buf[num_recvd]=0;<br>
> > //Make sure that response type is 200 OK<br>
> > // It could be "IOR:" also!!!<br>
> > if (ACE_OS::strstr (buf,"200 OK") == 0)<br>
> > {<br>
> > // If response is pure IOR string it should begin with "IOR:" without<br>
> > any white spaces before it<br>
> > // This could be modified in future to skip leading white spaces if<br>
> > there is a possibility that there are white spaces before "IOR:" string<br>
> > if (*buf == 0 || ACE_OS::strstr (buf,"IOR:") != buf)// *buf==0 is here<br>
> > because strstr returns buf when buf is empty string<br>
> > TAOLIB_ERROR_RETURN ((LM_ERROR,<br>
> > "TAO (%P|%t) - HTTP_Reader::receive_reply, Response is not 200 OK nor<br>
> > IOR:\n" ), -1);<br>
> > }<br>
> ><br>
> > // Search for the header termination string "\r\n\r\n", or<br>
> "\n\n". If<br>
> > // found, move past it to get to the data portion.<br>
> > if ((buf_ptr = ACE_OS::strstr (buf,"\r\n\r\n")) != 0)<br>
> > buf_ptr += 4;<br>
> > else if ((buf_ptr = ACE_OS::strstr (buf, "\n\n")) != 0)<br>
> //for<br>
> > compatibility with JAWS<br>
> > buf_ptr += 2;<br>
> > else<br>
> > buf_ptr = buf;<br>
> ><br>
> > // Determine number of data bytes read. This is equal to the<br>
> > // total bytes read minus number of header bytes.<br>
> > bytes_read = num_recvd - (buf_ptr - buf);<br>
> ><br>
> > }<br>
> > else<br>
> > {<br>
> > TAOLIB_ERROR_RETURN ((LM_ERROR,<br>
> > "TAO (%P|%t) - HTTP_Reader::receive_reply,<br>
> > error while reading header\n"), -1);<br>
> > }<br>
> ><br>
> > // ***************************************************************<br>
> > // At this point, we have stripped off the header and are ready to<br>
> > // process data. buf_ptr points to the data<br>
> ><br>
> > ACE_Message_Block* temp = 0;<br>
> > ACE_Message_Block* curr = this->mb_;<br>
> ><br>
> > ACE_NEW_RETURN (temp,<br>
> > ACE_Message_Block (bytes_read + 1),// Added "+1" to<br>
> > make room for byte 0 to make 0 terminated string.<br>
> > -1);<br>
> > curr->cont (temp);<br>
> > curr = curr->cont ();<br>
> ><br>
> > // Copy over all the data bytes into our message buffer.<br>
> > if (curr->copy (buf_ptr, bytes_read) == -1)<br>
> > {<br>
> > TAOLIB_ERROR_RETURN ((LM_ERROR, "TAO (%P|%t) -<br>
> > HTTP_Reader::receive_reply, error copying data into Message_Block\n"), -1);<br>
> > }<br>
> ><br>
> > // 0 - terminate string<br>
> > *curr->wr_ptr () = 0;<br>
> > curr->wr_ptr (1);<br>
> ><br>
> > // read the rest of the data into a number of ACE_Message_Blocks and<br>
> > // chain them together in a link list fashion<br>
> > num_recvd = 0;<br>
> ><br>
> > do<br>
> > {<br>
> > if (curr->space () == 0)<br>
> > {<br>
> > ACE_NEW_RETURN (temp,<br>
> > ACE_Message_Block (MTU + 1),// Added "+1" to<br>
> make<br>
> > room for byte 0 to make 0 terminated string.<br>
> > -1);<br>
> > curr->cont (temp);<br>
> > curr = curr->cont ();<br>
> > }<br>
> ><br>
> > if (peer ().recv_n (curr->wr_ptr (), curr->space (), 0, &num_recvd) >= 0)<br>
> > {<br>
> > // Move the write pointer<br>
> > curr->wr_ptr (num_recvd);<br>
> ><br>
> > // 0 - terminate string<br>
> > *curr->wr_ptr () = 0;<br>
> > curr->wr_ptr (1);<br>
> ><br>
> > // Increment bytes_read<br>
> > bytes_read += num_recvd;<br>
> ><br>
> > }<br>
> > else<br>
> > {<br>
> > TAOLIB_ERROR_RETURN ((LM_ERROR,<br>
> > "TAO (%P|%t) - HTTP_Reader::receive_reply,<br>
> > Error while reading header\n"), -1);<br>
> > }<br>
> > } while (num_recvd != 0);<br>
> ><br>
> > // Set the byte count to number of bytes received<br>
> > this->bytecount_ = bytes_read;<br>
> ><br>
> > return 0;<br>
> > }<br>
> ><br>
> ><br>
> > 2016-04-20 11:08 GMT+02:00 BJovke . <<a href="mailto:bjovan@gmail.com">bjovan@gmail.com</a> <mailto:<a href="mailto:bjovan@gmail.com">bjovan@gmail.com</a>><br>
</div></div>> > <mailto:<a href="mailto:bjovan@gmail.com">bjovan@gmail.com</a> <mailto:<a href="mailto:bjovan@gmail.com">bjovan@gmail.com</a>>>>:<br>
<div><div class="h5">> ><br>
> > TAO VERSION: 2.3.0<br>
> > ACE VERSION: 6.3.0<br>
> ><br>
> > HOST MACHINE and OPERATING SYSTEM:<br>
> > Windows 7, Winsock2<br>
> ><br>
> > COMPILER NAME AND VERSION (AND PATCHLEVEL):<br>
> > Visual studio 2012 express VC11 version 17.00.61030<br>
> for x86<br>
> ><br>
> > THE $ACE_ROOT/ace/config.h FILE [if you use a link to a<br>
> platform-<br>
> > specific file, simply state which one]:<br>
> > config-win32.h<br>
> ><br>
> > THE $ACE_ROOT/include/makeinclude/platform_macros.GNU FILE<br>
> [if you<br>
> > use a link to a platform-specific file, simply state which one<br>
> > (unless this isn't used in this case, e.g., with Microsoft<br>
> Visual<br>
> > C++)]:<br>
> > MSVC used<br>
> ><br>
> > CONTENTS OF<br>
> $ACE_ROOT/bin/MakeProjectCreator/config/default.features<br>
> > (used by MPC when you generate your own makefiles):<br>
> > -<br>
> ><br>
> > AREA/CLASS/EXAMPLE AFFECTED:<br>
> > Failed fetching of IOR via HTTP.<br>
> ><br>
> > DOES THE PROBLEM AFFECT:<br>
> > COMPILATION?<br>
> > No.<br>
> > LINKING?<br>
> > No.<br>
> > EXECUTION?<br>
> > Yes, behavior is wrong. TAO and my application are<br>
> affected.<br>
> > OTHER (please specify)?<br>
> > -<br>
> ><br>
> > SYNOPSIS:<br>
> > There are two issues noticed when fetching IOR via<br>
> HTTP, by<br>
> > using orb->string_to_object() function.<br>
> > Because of these issues this functions fails in fetching<br>
> > IOR, in both cases with error.<br>
> ><br>
> > DESCRIPTION:<br>
> > First issue is that TAO_HTTP_Reader::receive_reply (void)<br>
> > function in HTTP_Handler.cpp<br>
> > expects string "200 OK" as mandatory in HTTP response.<br>
> > However, for Ericsson and NSN systems<br>
> > I was connecting with my app, URL for Naming service IOR<br>
> > points to a file on web server which<br>
> > contains IOR string. HTTP response in both Ericsson<br>
> and NSN<br>
> > cases contains just IOR string, there<br>
> > are no HTTP response headers. Because of that this<br>
> function<br>
> > fails in reading IOR.<br>
> ><br>
> > Second issue is a bug and it's more serious. It is in the<br>
> > same function as first issue,<br>
> > TAO_HTTP_Reader::receive_reply (void) in HTTP_Handler.cpp.<br>
> > HTTP response data is read and<br>
> > placed into list of "ACE_Message_Block"s, each of MTU<br>
> size.<br>
> > These blocks are after that<br>
> > concatenated into one string in function<br>
> > TAO_HTTP_Parser::parse_string in HTTP_Parser.cpp.<br>
> > The problem is that "ACE_Message_Block"s created in<br>
> > TAO_HTTP_Reader::receive_reply are NOT<br>
> > zero terminated and TAO_HTTP_Parser::parse_string uses<br>
> > ACE_OS::strlen in<br>
> > ACE_String_Base<ACE_CHAR_T>::operator+= (const ACE_CHAR_T* s) in<br>
> > String_Base.cpp.<br>
> > This operator is used for concatenation of<br>
> > "ACE_Message_Block"s as C strings.<br>
> > "strlen" expects each of these blocks to be zero<br>
> terminated<br>
> > and produces unpredictable results<br>
> > with a lot of garbage bytes in resulting IOR string.<br>
> > Luckily, while testing the code I've noticed<br>
> > that eventually "strlen" encounters zero byte after at<br>
> most<br>
> > 50 bytes, well after the end of<br>
> > ACE_Message_Block, so it does not cause more damage than<br>
> > putting garbage into final IOR string.<br>
> ><br>
> > REPEAT BY:<br>
> > CORBA::Object_var<br>
> > obj=orb->string_to_object("<a href="http://xxxxxxxxxxxxxxxxxxxxxxxxxx" rel="noreferrer" target="_blank">http://xxxxxxxxxxxxxxxxxxxxxxxxxx</a>");<br>
> > URL should be a file on web server containing IOR<br>
> string and<br>
> > no HTTP response headers should be present, this is to reproduce<br>
> > only first issue.<br>
> ><br>
> > Second issue (bug) is always appearing if there is at<br>
> least<br>
> > one "ACE_Message_Block" containing response which is not zero<br>
> > terminated.<br>
> > Proper zero termination could happen only by chance if the<br>
> > next byte after "ACE_Message_Block" is zero or if HTTP response<br>
> > is such that contains zero bytes, which is unlikely.<br>
> ><br>
> > SAMPLE FIX/WORKAROUND:<br>
> > Here is a complete modified<br>
> TAO_HTTP_Reader::receive_reply()<br>
> > function with issues corrected.<br>
> ><br>
> > int<br>
> > TAO_HTTP_Reader::receive_reply (void)<br>
> > {<br>
> > size_t num_recvd = 0;<br>
> > char buf [MTU+1];<br>
> > char *buf_ptr = 0;<br>
> > size_t bytes_read = 0;<br>
> ><br>
> > // Receive the first MTU bytes and strip the header off.<br>
> > // Note that we assume that the header will fit into MTU bytes.<br>
> > if (peer ().recv_n (buf, MTU, 0, &num_recvd) >= 0)<br>
> > {<br>
> > //Make sure that response type is 200 OK<br>
> > // It could be "IOR:" also!!!<br>
> > if (ACE_OS::strstr (buf,"200 OK") == 0)<br>
> > {<br>
> > // If response is pure IOR string it should begin with "IOR:"<br>
> > without any white spaces before it<br>
> > // This could be modified in future to skip leading white<br>
> spaces if<br>
> > there is a possibility that there are white spaces before<br>
> "IOR:" string<br>
> > if (*buf == 0 || ACE_OS::strstr (buf,"IOR:") != buf)// *buf==0 is<br>
> > here because strstr returns buf when buf is empty string<br>
> > TAOLIB_ERROR_RETURN ((LM_ERROR,<br>
> > "TAO (%P|%t) - HTTP_Reader::receive_reply, Response is not 200 OK<br>
> > nor IOR:\n" ), -1);<br>
> > }<br>
> ><br>
> > // Search for the header termination string "\r\n\r\n", or<br>
> > "\n\n". If<br>
> > // found, move past it to get to the data portion.<br>
> > if ((buf_ptr = ACE_OS::strstr (buf,"\r\n\r\n")) != 0)<br>
> > buf_ptr += 4;<br>
> > else if ((buf_ptr = ACE_OS::strstr (buf, "\n\n")) != 0)<br>
> > //for compatibility with JAWS<br>
> > buf_ptr += 2;<br>
> > else<br>
> > buf_ptr = buf;<br>
> ><br>
> > // Determine number of data bytes read. This is equal to the<br>
> > // total bytes read minus number of header bytes.<br>
> > bytes_read = num_recvd - (buf_ptr - buf);<br>
> ><br>
> > }<br>
> > else<br>
> > {<br>
> > TAOLIB_ERROR_RETURN ((LM_ERROR,<br>
> > "TAO (%P|%t) -<br>
> HTTP_Reader::receive_reply,<br>
> > error while reading header\n"), -1);<br>
> > }<br>
> ><br>
> > //<br>
> ***************************************************************<br>
> > // At this point, we have stripped off the header and are<br>
> ready to<br>
> > // process data. buf_ptr points to the data<br>
> ><br>
> > ACE_Message_Block* temp = 0;<br>
> > ACE_Message_Block* curr = this->mb_;<br>
> ><br>
> > ACE_NEW_RETURN (temp,<br>
> > ACE_Message_Block (bytes_read + 1),// Added "+1"<br>
> > to make room for byte 0 to make 0 terminated string.<br>
> > -1);<br>
> > curr->cont (temp);<br>
> > curr = curr->cont ();<br>
> ><br>
> > // Copy over all the data bytes into our message buffer.<br>
> > if (curr->copy (buf_ptr, bytes_read) == -1)<br>
> > {<br>
> > TAOLIB_ERROR_RETURN ((LM_ERROR, "TAO (%P|%t) -<br>
> > HTTP_Reader::receive_reply, error copying data into<br>
> > Message_Block\n"), -1);<br>
> > }<br>
> ><br>
> > // 0 - terminate string<br>
> > *curr->wr_ptr () = 0;<br>
> > curr->wr_ptr (1);<br>
> ><br>
> > // read the rest of the data into a number of ACE_Message_Blocks and<br>
> > // chain them together in a link list fashion<br>
> > num_recvd = 0;<br>
> ><br>
> > do<br>
> > {<br>
> > if (curr->space () == 0)<br>
> > {<br>
> > ACE_NEW_RETURN (temp,<br>
> > ACE_Message_Block (MTU + 1),// Added "+1" to<br>
> > make room for byte 0 to make 0 terminated string.<br>
> > -1);<br>
> > curr->cont (temp);<br>
> > curr = curr->cont ();<br>
> > }<br>
> ><br>
> > if (peer ().recv_n (curr->wr_ptr (), curr->space (), 0,<br>
> > &num_recvd) >= 0)<br>
> > {<br>
> > // Move the write pointer<br>
> > curr->wr_ptr (num_recvd);<br>
> ><br>
> > // 0 - terminate string<br>
> > *curr->wr_ptr () = 0;<br>
> > curr->wr_ptr (1);<br>
> ><br>
> > // Increment bytes_read<br>
> > bytes_read += num_recvd;<br>
> ><br>
> > }<br>
> > else<br>
> > {<br>
> > TAOLIB_ERROR_RETURN ((LM_ERROR,<br>
> > "TAO (%P|%t) -<br>
> HTTP_Reader::receive_reply,<br>
> > Error while reading header\n"), -1);<br>
> > }<br>
> > } while (num_recvd != 0);<br>
> ><br>
> > // Set the byte count to number of bytes received<br>
> > this->bytecount_ = bytes_read;<br>
> ><br>
> > return 0;<br>
> > }<br>
> ><br>
> ><br>
> > --<br>
> ><br>
> > Jovan Bunjevački.<br>
> ><br>
> ><br>
> ><br>
> ><br>
> > --<br>
> ><br>
> > Jovan Bunjevački.<br>
> ><br>
> ><br>
> > _______________________________________________<br>
> > tao-bugs mailing list<br>
> > <a href="mailto:tao-bugs@list.isis.vanderbilt.edu">tao-bugs@list.isis.vanderbilt.edu</a><br>
</div></div>> <mailto:<a href="mailto:tao-bugs@list.isis.vanderbilt.edu">tao-bugs@list.isis.vanderbilt.edu</a>><br>
<div class="HOEnZb"><div class="h5">> > <a href="http://list.isis.vanderbilt.edu/cgi-bin/mailman/listinfo/tao-bugs" rel="noreferrer" target="_blank">http://list.isis.vanderbilt.edu/cgi-bin/mailman/listinfo/tao-bugs</a><br>
> ><br>
><br>
><br>
><br>
><br>
> --<br>
><br>
> Jovan Bunjevački.<br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature"><div><br></div><div>Jovan Bunjevački.<br></div></div>
</div>