$ ./server 5050 1
$ ./client 127.0.0.1 5050 message
kashimastro / simplenetwork
simple TCP server / client C++ linux socket
License: MIT License
You have a memory access violation on line 69. Should be buffer[size - 1] = '\0';
to fix the off-by-one.
Please consider adding a license, otherwise no one is allowed to use your code. Choose a License. I would recommend to use MIT-License.
Hi, kashimAstro
Please check your update to solve Issue #10.
g++ -Wall -o server server.cpp -I../src/ ../src/TCPServer.cpp ../src/TCPClient.cpp -std=c++11 -lpthread
server.cpp: In function ‘void* received(void*)’:
server.cpp:53:13: error: could not convert ‘desc’ from ‘std::vector<descript_socket*>’ to ‘bool’
if( desc )
^
Makefile:2: recipe for target 'all' failed
make: *** [all] Error 1
Thanks
@kashimAstro
Hello,
Maybe I'm missing it, but what is the license for the code you've posted?
Regards,
Even though the server seems to be made with multiple connections in mind, it won't respond to multiple clients, as it will overwrite newsockfd on every new connection. I'm sorry if that's how it was meant to be.
need steps to be followed to configure this project
if( (setsockopt(sockfd, SOL_SOCKET, opts.size(), (char *)&opt, sizeof(opt))) < 0 ) {
cerr << "Errore setsockopt" << endl;
return -1;
}
-------------------->>>>>
if( (setsockopt(sockfd, SOL_SOCKET, opts.at(i), (char *)&opt, sizeof(opt))) < 0 ) {
cerr << "Errore setsockopt" << endl;
return -1;
}
Hi!
I was running my fuzzer in the background again when I discovered a global buffer overflow bug in the SimpleNetwork TCPServer.
$ cd src
$ make
$ cd ../example-server
$ make
Server commit 29bc615 suffers from a global buffer overflow when the TCPServer receives a single large packet containing ASCII characters. Using the following python3 script will invoke a global buffer overflow:
import socket
host = "localhost"
port = 1234
buf = b'A'*50000
try:
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.connect((host, port))
    s.sendall(buf)
    data = s.recv(1024)
    s.close()
    print('Received', repr(data))
except:
    print("Finished...")
all:
	g++ -Wall -o server server.cpp -I../src/ ../src/TCPServer.cpp ../src/TCPClient.cpp -std=c++11 -lpthread -fsanitize=address
Address Sanitizer Output:
=================================================================
==15095==ERROR: AddressSanitizer: global-buffer-overflow on address 0xaaaae7e8f5c0 at pc 0xaaaae7e5b684 bp 0xffffa1efe720 sp 0xffffa1efe738
WRITE of size 1 at 0xaaaae7e8f5c0 thread T2
#0 0xaaaae7e5b680 in TCPServer::Task(void*) (/home/kali/projects/SimpleNetwork/example-server/server+0xb680)
#1 0xffffa595edd4 in start_thread nptl/pthread_create.c:442
#2 0xffffa59c7e58 in thread_start ../sysdeps/unix/sysv/linux/aarch64/clone.S:79
0xaaaae7e8f5c0 is located 0 bytes to the right of global variable 'msg' defined in '../src/TCPServer.cpp:3:6' (0xaaaae7e855c0) of size 40960
0xaaaae7e8f5c0 is located 32 bytes to the left of global variable 'num_client' defined in '../src/TCPServer.cpp:4:5' (0xaaaae7e8f5e0) of size 4
SUMMARY: AddressSanitizer: global-buffer-overflow (/home/kali/projects/SimpleNetwork/example-server/server+0xb680) in TCPServer::Task(void*)
Thread T2 created by T0 here:
#0 0xffffa5dda234 in __interceptor_pthread_create ../../../../src/libsanitizer/asan/asan_interceptors.cpp:207
#1 0xaaaae7e5c360 in TCPServer::accepted() (/home/kali/projects/SimpleNetwork/example-server/server+0xc360)
#2 0xaaaae7e566bc in main (/home/kali/projects/SimpleNetwork/example-server/server+0x66bc)
#3 0xffffa590777c in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
#4 0xffffa5907854 in __libc_start_main_impl ../csu/libc-start.c:381
#5 0xaaaae7e543ec in _start (/home/kali/projects/SimpleNetwork/example-server/server+0x43ec)
==15095==ABORTING
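A bounded receive of the kind the off-by-one note and the ASan report above call for, as an added example that is not SimpleNetwork's own code. The names `recv_cstring`, `demo_receive` and `kBufSize` are hypothetical, and the 50000-byte payload is constructed on a local socketpair so the block runs offline.

```cpp
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>
#include <cerrno>
#include <cstddef>
#include <string>

// Same size ASan reports for the global 'msg' buffer above.
constexpr size_t kBufSize = 40960;

// Receive at most cap-1 bytes so that buf[n] is always inside the buffer.
// Returns bytes stored (0 on orderly close), or -1 on error or cap == 0.
ssize_t recv_cstring(int fd, char *buf, size_t cap) {
    if (buf == nullptr || cap == 0) return -1;
    ssize_t n;
    do {
        n = recv(fd, buf, cap - 1, 0);    // leave room for the terminator
    } while (n < 0 && errno == EINTR);    // retry if interrupted by a signal
    if (n < 0) { buf[0] = '\0'; return -1; }
    buf[n] = '\0';                        // n <= cap-1, so this is in bounds
    return n;
}

// Constructed harness: queue `len` bytes of 'A' on a local socketpair and
// read them back through recv_cstring. Returns bytes stored, -1 on failure.
ssize_t demo_receive(size_t len, size_t cap) {
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return -1;
    std::string payload(len, 'A');
    ssize_t sent = send(sv[0], payload.data(), payload.size(), MSG_DONTWAIT);
    close(sv[0]);                         // queued data stays readable, then EOF
    std::string buf(cap + 1, '\x7f');     // one canary byte past the buffer
    ssize_t got = (sent < 0) ? -1 : recv_cstring(sv[1], &buf[0], cap);
    close(sv[1]);
    if (got < 0 || buf[cap] != '\x7f') return -1;  // canary must be intact
    if (buf[got] != '\0') return -1;      // terminator sits right after data
    return got;
}

int main() {
    // 50000 bytes offered, as in the report; only kBufSize-1 are stored.
    return demo_receive(50000, kBufSize) == (ssize_t)(kBufSize - 1) ? 0 : 1;
}
```

Bytes beyond `cap - 1` stay queued on the socket for the next call, so a caller that needs whole messages still has to loop or frame them.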
[root@jeff:/usr/src/SimpleNetwork/example-server] # make
g++ -Wall -o server server.cpp -I../src/ ../src/TCPServer.cpp ../src/TCPClient.cpp -std=c++11 -lpthread
server.cpp: In function ‘void* loop(void*)’:
server.cpp:24:1: warning: no return statement in function returning non-void [-Wreturn-type]
../src/TCPServer.cpp: In member function ‘std::string TCPServer::receive()’:
../src/TCPServer.cpp:45:51: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
../src/TCPClient.cpp: In member function ‘bool TCPClient::setup(std::string, int)’:
../src/TCPClient.cpp:20:38: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
[root@jeff:/usr/src/SimpleNetwork] # g++ --version
g++ (GCC) 4.7.2 20121015 (Red Hat 4.7.2-5)
Copyright (C) 2012 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
If I remove the while in loop, my computer freezes and only a reboot helps.
Hi there!
I was running my fuzzer in the background when I discovered a double free in the SimpleNetwork TCPServer.
Triggering the double free will allow a client to crash any SimpleNetwork TCP server remotely. In other situations, double free vulnerabilities can cause undefined behavior and potentially code execution in the right circumstances.
void TCPServer::accepted()
{
    socklen_t sosize = sizeof(clientAddress);
    descript_socket *so = new descript_socket;
    so->socket = accept(sockfd,(struct sockaddr*)&clientAddress,&sosize);
    so->id = num_client;
    so->ip = inet_ntoa(clientAddress.sin_addr);
    newsockfd.push_back( so );
    cerr << "accept client[ id:" << newsockfd[num_client]->id <<
            " ip:" << newsockfd[num_client]->ip <<
            " handle:" << newsockfd[num_client]->socket << " ]" << endl;
    //pthread_create(&serverThread[num_client], NULL, &Task, (void *)newsockfd[num_client]);
    pthread_create(&serverThread[num_client], NULL, Task, (void *)newsockfd[num_client]);
    isonline=true;
    num_client++;
}
Why use "&Task"? I think it should use "Task"! Both ways of writing the code work, and I can't understand the reason for them.
The reason is that the Message member is not cleaned up in the Task function. Since Message is a duplicate of newsockfd, removing the Message member will solve the problem.
I'm a beginner in C++ and Linux, and I'm wondering about this.