I have created two programs, a client and a server. They communicate via sockets sending char arrays of a fixed size of 115 bytes.
The data I want to transfer is stored in the following struct:
typedef struct {
char origin[14];
char type;
char data[100];
} socket_data;
But in order to send the data serialized, I want to send that information in a single string concatenating al the fields in the struct so I send a 115 bytes string. If any of those fields does not reach it's max size, I will manually fill the extra array positions with \0.
I have created two functions implemented in both client and server that send data through the socket or receive data from the socket.
The two functions are the following:
void socket_send(int socket, char *origin, char type, char *data) {
char info[115]; //data to be sent
socket_data aux;
strcpy(aux.origin, origin);
aux.type = type;
strcpy(aux.data, data);
//Filling up the remaining positions of origin and data variables
for (int i = (int) strlen(aux.origin); i<14; i++) aux.origin[i] = '\0';
for (int i = (int) strlen(aux.data); i<100; i++) aux.data[i] = '\0';
//Building up the 115 byte string I want to send via socket
for (int i=0; i<14; i++) info[i] = aux.origin[i];
info[14] = type;
for (int i=0; i<100; i++) info[i+15] = aux.data[i];
ssize_t total_bytes = 115;
ssize_t bytes_written = 0;
//Here I send all the bytes through the socket
do {
bytes_written = write(socket, info + (115 - total_bytes), total_bytes);
total_bytes -= bytes_written;
} while (total_bytes > 0);
}
socket_data socket_rcv(int socket) {
socket_data info;
char sequence[115];
ssize_t total_bytes = 115;
ssize_t bytes_read = 0;
//Here I receive all the bytes from the socket (till I fill up the 115 byte string called sequence)
do {
bytes_read = read(socket, sequence + (115 - total_bytes), total_bytes);
total_bytes -= bytes_read;
} while (total_bytes > 0);
//Then I return a stuct
for (int i=0; i<14; i++) info.origin[i] = sequence[i];
info.type = sequence[14];
for (int i=0; i<100; i++) info.data[i] = sequence[i+15];
return info;
}
As you can see, I loop both read() and write() to make sure all bytes are sent as I'm aware sometimes those functions read or write less bytes than demanded.
The issue is that, testing the functionality of the program, I have seen that in the case that less bytes are read (it loops), the program blocks (maybe waiting for another write() from the server side) instead of reading the remaining bytes in the socket buffer (because all 115 bytes where sent and only 111 received, so there should be still 4 bytes in the socket buffer). Sometimes also, instead of blocking waiting for a possible write(), the program terminates when it shouldn't...
I can't find the issue here and I'd appreciate some help
EDIT
I created this functions to set up the sockets...
Server:
int socketConfig (connection_info cinfo) {
int socketfd = socket (AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (socketfd < 0) {
write(1, "Socket error\n", strlen("Socket error\n"));
return -1;
}
struct sockaddr_in s_addr;
memset (&s_addr, 0, sizeof (s_addr));
s_addr.sin_family = AF_INET;
s_addr.sin_port = htons(cinfo.port);
s_addr.sin_addr.s_addr = INADDR_ANY;
if (bind (socketfd, (void *) &s_addr, sizeof (s_addr)) < 0) {
write(1, "Bind error\n", strlen("Bind error\n"));
return -1;
}
listen(socketfd, 3);
return socketfd;
}
int receiveClient(int serverfd) {
struct sockaddr_in client;
socklen_t len = sizeof(client);
return accept(serverfd, (void *) &client, &len);
}
Client:
int connect_to_server(Config config) {
struct sockaddr_in client;
int sockfd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
write(1, "Connecting Jack...\n", strlen("Connecting Jack...\n"));
if (sockfd < 0) {
write(1, "Error creating the socket\n", strlen("Error creating the socket\n"));
return -1;
}
memset(&client, 0, sizeof(client));
client.sin_family = AF_INET;
client.sin_port = htons(config.port_jack);
if (inet_aton(config.ip_jack, &client.sin_addr) == 0) {
write(1, "Invalid IP address\n", strlen("Invalid IP address\n"));
return -1;
}
if (connect(sockfd, (void *) &client, sizeof(client)) < 0) {
write(1, "Error connecting to Jack\n", strlen("Error connecting to Jack\n"));
return -1;
}
return sockfd;
}
I can guarantee the connection works
You are not checking the return values of write() and read() for failures.
Try something more like this:
int socket_send_all(int socket, const void *data, size_t size) {
const char *pdata = (const char*) data;
ssize_t bytes_written;
while (size > 0) {
bytes_written = write(socket, pdata, size);
if (bytes_written < 0) return bytes_written;
pdata += bytes_written;
size -= bytes_written;
}
return 0;
}
int socket_rcv_all(int socket, void *data, size_t size) {
char *pdata = (char*) data;
ssize_t bytes_read;
while (size > 0) {
bytes_read = read(socket, pdata, size);
if (bytes_read <= 0) return bytes_read;
pdata += bytes_read;
size -= bytes_read;
}
return 1;
}
int socket_send2(int socket, const socket_data *sd) {
char bytes[115];
memcpy(bytes, sd->origin, 14);
bytes[14] = sd->type;
memcpy(bytes+15, sd->data, 100);
return socket_send_all(socket, bytes, 115);
/* alternatively:
int ret = socket_send_all(socket, sd->origin, 14);
if (ret == 0) ret = socket_send_all(socket, &(sd->type), 1);
if (ret == 0) ret = socket_send_all(socket, sd->data, 100);
return ret;
*/
}
int socket_send(int socket, char *origin, char type, char *data) {
socket_data aux;
strncpy(aux.origin, origin, 14);
aux.type = type;
strncpy(aux.data, data, 100);
return socket_send2(socket, &aux);
}
int socket_rcv2(int socket, socket_data *sd) {
char bytes[115];
int ret = socket_rcv_all(socket, bytes, 115);
if (ret > 0) {
memcpy(sd->origin, bytes, 14);
sd->type = bytes[14];
memcpy(sd->data, bytes+15, 100);
}
return ret;
/* alternatively:
int ret = socket_rcv_all(socket, sd->origin, 14);
if (ret > 0) ret = socket_rcv_all(socket, &(sd->type), 1);
if (ret > 0) ret = socket_rcv_all(socket, sd->data, 100);
return ret;
*/
}
socket_data socket_rcv(int socket) {
socket_data aux;
int ret = socket_rcv2(socket, &aux);
if (ret <= 0) {
// error handling ...
}
return aux;
}
read() returns as many bytes as it wants. Perchance the sent output went out in two packets. Perhaps something else (memory alignment comes to mind). Always handle short reads by trying to read more or have a headache. In addition, write() only writes as many byte as it wants. A short write is usually a full buffer or split by a signal, but stranger things have been observed.
You need to check for errors every time around the loop. Your program as written will trash memory otherwise.
Related
How can I send and receive a long array of integers using TCP sockets?
In the case of short array, the reception is possible using the function recv(.., 4*size of array) one time, however when the size of array is too long, I can't receive data correctly.
int main(void)
{
int listenfd = 0, connfd = 0;
int i,j,x;
int fd;
unsigned int *pic;
struct sockaddr_in serv_addr;
char *recvBuff;
clock_t t;
//Allocate memory for a 24-bit 640x480 rgb image
pic = (int*)malloc(10*sizeof(int));
recvBuff = (char*)malloc(1*sizeof(char));
for(i = 0; i < 10 ; i++){
pic[i] = 20;
}
//Create the TCP socket
listenfd = socket(AF_INET, SOCK_STREAM, 0);
memset(&serv_addr, '0', sizeof(serv_addr));
memset(pic, '0', sizeof(pic));
serv_addr.sin_family = AF_INET;
serv_addr.sin_addr.s_addr = htonl(INADDR_ANY);
serv_addr.sin_port = htons(7); // la valeur du port
bind(listenfd, (struct sockaddr*)&serv_addr, sizeof(serv_addr));
listen(listenfd, 10);
//fprintf(stdout,"End Creating Socket4\n");
connfd = accept(listenfd, (struct sockaddr*)NULL, NULL);
while(1)
{
recv(connfd,recvBuff, sizeof(char),MSG_WAITALL);
//printf("BUFF: %s\n",recvBuff);
//Wait for client request
if(strcmp(recvBuff,"A")){
printf("Error in input\n");
}else
write(connfd, pic, 921600);
}
close(connfd);
}
In the case of short array, the reception is possible using the function recv(.., 4*size of array) one time
That is not guaranteed. Any call to recv() can return fewer bytes than requested, even as few as just 1 byte. So you always need to call recv() in a loop until you have actually received as many bytes as are you expecting, eg:
ssize_t recv_all(int skt, void *buf, size_t bufsize)
{
char *ptr = (char*) buf;
while (bufsize > 0)
{
ssize_t recvd = recv(skt, ptr, bufsize, 0);
if (recvd <= 0) return recvd;
ptr += recvd;
bufsize -= recvd;
}
return 1;
}
And then you can call it like this:
int32_t *arr = (int32_t*) malloc(sizeof(int32_t) * count);
...
if (recv_all(..., arr, sizeof(int32_t) * count) <= 0)
{
// error, or peer disconnected...
}
else
{
// use arr as needed...
}
You should do the same thing for send() too, eg:
ssize_t send_all(int skt, const void *buf, size_t bufsize)
{
const char *ptr = (const char*) buf;
while (bufsize > 0)
{
ssize_t sent = send(skt, ptr, bufsize, 0);
if (sent < 0) return sent;
ptr += sent;
bufsize -= sent;
}
return 0;
}
int32_t *arr = (int32_t*) malloc(sizeof(int32_t) * count);
...
if (send_all(..., arr, sizeof(int32_t) * count) < 0)
{
// error...
}
else
{
// arr sent in full...
}
First of all, it's worth noting that recv() doesn't care at all about the type of data it receives, only about its size.
So all you need is a function that calls recv() in a loop until it receives all of the requested data
// Returns the number of bytes read, or -1 in the case of an error
ssize_t recv_all(const int sock, void * const buf, const size_t n)
{
ssize_t len = 0;
ssize_t total_read = 0;
while (n > (size_t)total_read)
{
len = recv(sock, (char *)buf + total_read, n - total_read, MSG_WAITALL);
switch (len)
{
case -1:
return -1;
case 0:
break;
default:
total_read += len;
}
}
return total_read;
}
I have to get the numbers in a buffer with recvfrom() function and compute the sum. Then I have to use sprintf() function to get the result as a string and then I have to send this string with sendto() function. Everything is fine is my code except the result that I send with sendto(). Could you help me please ?
int recv_and_handle_message(const struct sockaddr *src_addr, socklen_t addrlen) {
// TODO: Create a IPv6 socket supporting datagrams
// TODO: Bind it to the source
// TODO: Receive a message through the socket
// TODO: Perform the computation
// TODO: Send back the result
int result = 0;
int sock = socket(AF_INET6, SOCK_DGRAM, 0);
if(sock == -1) return sock;
int err = bind(sock,src_addr,addrlen);
if (err == - 1) return err;
struct sockaddr_storage recever;
socklen_t len = sizeof(recever);
char buffer[1024];
int rec = recvfrom(sock, buffer, sizeof(char)*1024, 0, (struct sockaddr*)&recever, &len);
if(rec == -1) return rec;
int*current = (int*)&buffer;
for (int i = 0; i < rec/4; ++i){
result += current[i];
}
char res[1000];
int b = sprintf(res, "%d", result);
if(b == -1){
return -1;
}
char rese[b];
memcpy(rese, res, b);
//for (int i = 0; i < b; ++i){
// rese[i] = res[i];
//}
int r = sendto(sock, &rese, 1, 0, (struct sockaddr *)&recever, len);
if(r == -1){
return -1;
}
return 0;
}
I am trying to send/receive messages between my server and client. I currently have a stuct in my server that holds a char value. I am trying to pass this value to my client. See the following:
tileInfo->tiles[user_cords_x][user_cords_y].identifier = '+'; // Char i want to pass
write_client_msg(cli_sockfd, &tileInfo->tiles[user_cords_x][user_cords_y].identifier);
/* Writes a message to a client socket. */
void write_client_msg(int cli_sockfd, char * msg)
{
int n = write(cli_sockfd, msg, strlen(msg));
if (n < 0)
error("ERROR writing msg to client socket");
}
On my client side i am receiving it with the following:
char *msg;
char identity = read(sockfd, msg, 1);
printf("This is the value: %d \n", identity);
Currently the output i am getting is This is the value: 1. I am new to sockets and dont fully understand passing chars. Could someone please explain and show me how to pass the '+' to my client side?
You are making several mistakes with your code.
On the server side, in this code:
write_client_msg(cli_sockfd, &tileInfo->tiles[user_cords_x][user_cords_y].identifier);
It is clear that identifier is a single char, or else the code would not compile. In which case, using strlen() inside of write_client_msg() is wrong, since msg will not have a null terminator when passing in a pointer to a single char. You would end up transmitting garbage to the other party, if not just crash altogether from accessing invalid memory.
Then, on the client side, you are passing an uninitialized msg pointer to read(). But also, you are displaying read()'s return value, which is the number of bytes actually received. That is why your display is showing 1, since you are asking for 1 byte to be received.
To send and receive the identifier correctly, you would need something more like this instead:
void write_client_msg(int sockfd, char *msg, size_t msg_len)
{
int n = write(sockfd, msg, msg_len);
if (n < 0)
error("ERROR writing msg to client socket");
}
...
write_client_msg(cli_sockfd, &tileInfo->tiles[user_cords_x][user_cords_y].identifier, 1);
char identity;
int n = read(sockfd, &identity, 1);
if (n < 0)
error("ERROR reading identity from client socket");
else if (n == 0)
error("DISCONNECTED while reading identity from client socket");
else
printf("This is the value: %c \n", identity);
That being said, a better solution is to make write_client_msg() send the msg_len before sending the msg. Especially since write_client_msg() doesn't know what kind of data it is sending. Then the client can read the msg_len to know how many bytes to read for the msg, and then process the msg as needed.
Also, write() and read() can return fewer bytes than requested, so you need to call them in loops to make sure you actually send/receive everything.
For example:
int write_all(int sockfd, void *data, size_t data_len)
{
char *d = (char*) data;
while (data_len > 0)
{
int n = write(sockfd, d, data_len);
if (n < 0)
return n;
d += n;
data_len -= n;
}
return 1;
}
void write_client_msg(int sockfd, char *msg, size_t msg_len)
{
uint32_t len = htonl(msg_len);
int n = write_all(sockfd, &len, sizeof(len));
if (n == 1)
n = write_all(sockfd, msg, msg_len);
if (n < 0)
error("ERROR writing msg to client socket");
}
...
write_client_msg(cli_sockfd, &tileInfo->tiles[user_cords_x][user_cords_y].identifier, 1);
int read_all(int sockfd, void *data, size_t data_len)
{
char *d = (char*) data;
while (data_len > 0)
{
int n = read(sockfd, d, data_len);
if (n <= 0)
return n;
d += n;
data_len -= n;
}
return 1;
}
char *read_server_msg(int sockfd)
{
uint32_t len;
int n = read_all(sockfd, &len, sizeof(len));
if (n <= 0)
return NULL;
len = ntohl(len);
char *msg = malloc(len+1);
if (!msg)
return NULL;
n = read_all(sockfd, msg, len);
if (n <= 0) {
free(msg);
return NULL;
}
msg[len] = '\0';
return msg;
}
...
char *msg = read_server_msg(sockfd);
if (!msg)
error("ERROR reading msg from client socket");
else {
printf("This is the value: %s \n", msg);
free(msg);
}
The proper solution (based on your code) would be:
char *msg;
msg = malloc(2);
if (read(sockfd, msg, 1)!=1) {
printf("Something wrong\n");
return 0;
}
msg[1]= '\0';
printf("Sent received: %s \n", msg);
Solved:
char *msg;
msg = (char*) malloc (1);
read(sockfd, msg, 1);
printf("Sent received: %s \n", msg);
I've written a UDP send/receive function to send a struct and listen for another struct back. The bytes have to be sent in a particular order, but this is working OK as I'm using #pragma pack(1). The only problem that I'm having now is that if any Null values (0x00) appear in the struct, the rest of the data after the Null disappears.
I guess there's something fairly simple that I'm doing wrong, but here is my code:
typedef u_int8_t NN;
typedef u_int8_t X;
typedef int32_t S;
typedef u_int32_t U;
typedef char C;
typedef struct{
X test;
NN test2[2];
C test3[4];
S test4;
} Test;
int main(int argc, char** argv)
{
Test t;
memset( &t, 0, sizeof(t));
t.test = 0xde;
t.test2[0]=0xad; t.test2[1]=0x00;
t.test3[0]=0xbe; t.test3[1]=0xef; t.test3[2]=0xde; t.test3[3]=0xca;
t.test4=0xde;
LogOnResponse response;
udp_send_receive(&t, &response);
return 0;
}
And here is my send/receive function:
int send_and_receive(void* message, void* reply, int do_send, int expect_reply)
{
struct sockaddr_in serv_addr;
int sockfd, i, slen=sizeof(serv_addr);
int buflen = BUFLEN;
void* buf = NULL;
struct timeval tv;
int n_timeouts=1;
int recv_retval;
// printf("Message Size: %d\n", strlen(message));
if ( (strlen(message)) >= BUFLEN)
err("Message too big");
buf = malloc(buflen);
if ((sockfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP))==-1)
err("socket");
tv.tv_sec = timeout_seconds;
tv.tv_usec = timeout_microseconds;
if( setsockopt(sockfd, SOL_SOCKET, SO_RCVTIMEO,&tv,sizeof(tv)) < 0 ){
err("Setting Timout");
}
bzero(&serv_addr, sizeof(serv_addr));
serv_addr.sin_family = AF_INET;
serv_addr.sin_port = htons(PORT);
if (inet_aton(IP_ADDRESS, &serv_addr.sin_addr)==0)
err("inet_aton() failed\n");
//---Timeout Send/Receive loop
do{
if(do_send == TRUE){
strcpy(buf, message);
if (sendto(sockfd, buf, buflen, 0, (struct sockaddr*)&serv_addr, slen)==-1)
err("sendto()");
}
if (expect_reply == TRUE){
if( (recv_retval = recvfrom(sockfd, buf, buflen, 0, (struct sockaddr*)&serv_addr, &slen)) == -1){
itercount++;
}
}
}while ((itercount < itermax) && (recv_retval == -1));
if ( itercount != itermax ){
memcpy(reply, buf, BUFLEN);
}
else{
reply=NULL;
}
close(sockfd);
free(buf);
return 0;
}
void udp_send_receive(void* message, void* reply)
{
send_and_receive(message, reply, TRUE, TRUE);
}
Running the above code and capturing the packets with WireShark shows:
Data: DEAD000000000000000000....
I'd like it to show:
Data: DEAD00BEEFDECADE
I'd really appreciate some pointers on this.
You can't use string functions (like strlen or strcpy) for binary data. It's because strings are terminated by the value zero (character '\0').
For example, you use strcpy to copy data, but it will stop as soon as is sees the string terminator meaning it will not copy all of the data.
Rather than using strcpy use
void * memcpy ( void * destination, const void * source, size_t num );
Doing strcpy(buf, message); in send_and_receive() is incorrect. I would update code to pass size of message and use that to copy memory as
udp_send_receive(&t, sizeof(t), &response);
void udp_send_receive(void* message, int len, void* reply){
send_and_receive(message, len reply, TRUE, TRUE);
}
int send_and_receive(void* message, int len, void* reply, int do_send, int expect_reply){
...
int buflen = len;
....
memcpy(buf, message, len); //instead of strcpt(buf, message)
...
}
I am working on a client server program , that uses select() calls to listen to multiple sockets. But my select call gets blocked, although I have a message in one of those sockets , select() call doesn't recognize it and it's still waits there indefinetly.
There are 2 entities in the program , a master and a client.
The master knows the number of clients it will handle and waits for the clients to connect to it. Once it receives a client acknowledgement, it stores its information. Once all the clients are connected, it then sends its neighboring client's information to every client so it can form a network. It is here, I use the select() to monitor many sockets,
master has a socket to every child tat is connected to it
client has 3 main sockets
s1-to speak with master
s2-child listens for connection on this socket
neighbour-the socket on which its neighbour wait for a connection.(i.e S2 in a neighbour)
p- the socket that is results of connection from its neighbour ( accept of s2 - returns ths)
I use select to listen to server, its own socket for incoming connections and once.
Initially my server sends a string "hello" to one of the client, which receives this message and passes it on to the neighbour, in this way when the string reaches back to the first child that has received this message from server , it passes it on to its neighbour. But all though all child are in select() waiting for an input. What could cause this ??
void main(int argc, char **argv) {
int s1, s2, n, server_port, sc1, sc2, rv, rc, left_peer_port;
int peer_port;
fd_set writefds, readfds;
struct timeval tv;
struct hostent *server_info, *child_info, *left_peer_info;
int start_flag = 0;
struct sockaddr_in server, peer, incoming;
char host_child[64];
char *left_host = malloc(1);
char *right_host = malloc(1);
char buf1[256];
char buf2[256];
server_port = atoi(argv[2]);
//speak to peer using this
s2 = socket(AF_INET, SOCK_STREAM, 0);
if (s2 < 0) {
perror("socket:");
exit(s2);
}
peer_port = server_port + 1;
gethostname(host_child, sizeof host_child);
child_info = gethostbyname(host_child);
if (child_info == NULL) {
fprintf(stderr, "%s: host not found (%s)\n", argv[0], host_child);
exit(1);
}
peer.sin_family = AF_INET;
memcpy(&peer.sin_addr, child_info->h_addr_list[0], child_info->h_length);
int changeport = 0;
do {
peer.sin_port = htons(peer_port);
rc = bind(s2, (struct sockaddr *) &peer, sizeof(peer));
if (rc < 0) {
//perror("bind:");
peer_port++;
changeport = 1;
//exit(rc);
} else {
changeport = 0;
}
} while (changeport == 1);
if (listen(s2, 100) == -1) {
perror("listen");
exit(3);
}
//Now talk to server
server_info = gethostbyname(argv[1]);
if (server_info == NULL) {
fprintf(stderr, "%s: host not found\n", argv[0]);
exit(1);
}
// pretend we've connected both to a server at this point
//speak to server using this
s1 = socket(AF_INET, SOCK_STREAM, 0);
if (s1 < 0) {
perror("socket:");
exit(s1);
}
server.sin_family = AF_INET;
server.sin_port = htons(server_port);
memcpy(&server.sin_addr, server_info->h_addr_list[0], server_info->h_length);
//To talk to the server
sc1 = connect(s1, (struct sockaddr *) &server, sizeof(server));
if (sc1 < 0) {
perror("connect:");
exit(sc1);
}
int send_len;
char *str = malloc(1);
sprintf(str, "%d", peer_port);
printf("\nport-here=%s\n", str);
send_len = send(s1, str, strlen(str), 0);
if (send_len != strlen(str)) {
perror("send");
exit(1);
}
int recv_len;
char buf[100];
int ref = 0;
int recv_stage = 0;
int start_id;
recv_len = recv(s1, buf, 34, 0);
if (recv_len < 0) {
perror("recv");
exit(1);
}
buf[recv_len] = '\0';
char *temp_port;
if (!strcmp("close", buf))
printf("%s", buf);
//break;
else {
char *temp_buffer = malloc(1);
char *id = malloc(100);
char *pp = malloc(1);
strcpy(temp_buffer, buf);
char *search = ":";
temp_port = strtok(temp_buffer, search);
strcpy(buf, temp_port);
printf("temp_name%s", temp_port);
temp_port = strtok(NULL, search);
strcpy(pp, temp_port);
printf("temp_port%s", temp_port);
temp_port = strtok(NULL, search);
strcpy(id, temp_port);
printf("id%s", temp_port);
strcpy(temp_port, pp);
printf("\nbuf=%s\n", buf);
printf("\nport=%s\n", temp_port);
printf("\nid=%s\n", id);
start_id = atoi(id);
}
//To send packet to its neighbour
left_peer_info = gethostbyname(buf);
printf("\nleft host=%s\n", buf);
if (left_peer_info == NULL) {
fprintf(stderr, "%s: host not found\n", left_host);
exit(1);
}
left_peer_port = atoi(temp_port);
int neighbour_socket;
struct hostent *neighbour_info;
struct sockaddr_in neighbour;
neighbour_socket = socket(AF_INET, SOCK_STREAM, 0);
if (neighbour_socket < 0) {
perror("socket:");
exit(neighbour_socket);
}
neighbour_info = left_peer_info;
neighbour.sin_family = AF_INET;
neighbour.sin_port = htons(left_peer_port);
memcpy(&neighbour.sin_addr, neighbour_info->h_addr_list[0], neighbour_info->h_length);
printf("\nconnected to port %d\n", left_peer_port);
//To talk to the neighbour
printf("\ncomes here\n");
//Listen on this socket connection for potato
int send_peer_len;
int nfds;
nfds = MAX(MAX(neighbour_socket, s2), s1);
// clear the set ahead of time
FD_ZERO(&writefds);
// add our descriptors to the set
FD_SET(neighbour_socket, &writefds);
FD_SET(s1, &writefds);
FD_SET(s2, &writefds);
//FD_SET(s2, &writefds);
FD_ZERO(&readfds);
FD_SET(neighbour_socket, &readfds);
FD_SET(s1, &readfds);
FD_SET(s2, &readfds);
//select()
// since we got s2 second, it's the "greater", so we use that for
// the n param in select()
//n = s1 + 1;
// wait until either socket has data ready to be recv()d (timeout 10.5 secs)
tv.tv_sec = 10;
tv.tv_usec = 500000;
int fds[3];
fds[0] = s1;
fds[1] = s2;
fds[2] = neighbour_socket;
int p = 0;
int p_flag = 0;
while (1) {
printf("\n nfds = %d , p = %d \n", nfds, p);
char buf_msg[64];
//This is where the error occurs //
rv = select(nfds, &readfds, NULL, NULL, 0);
//This is where the error occurs //
if (rv == -1) {
perror("select"); // error occurred in select()
} else if (rv == 0) {
printf("Timeout occurred! No data after 10.5 seconds.\n");
} else {
// one or both of the descriptors have data
//reading message from server
int select_fd;
for (select_fd = 0; select_fd <= nfds; select_fd++) {
if (FD_ISSET(select_fd, &readfds) != 0) {
if (select_fd == s1) {
recv_len = 0;
recv_len = recv(s1, buf_msg, 34, 0);
if (recv_len < 0) {
perror("recv");
exit(1);
}
buf_msg[recv_len] = '\0';
printf("\nreceived from server = %s\n", buf_msg);
//send to neighbour
int sc3;
sc3 = connect(neighbour_socket, (struct sockaddr *) &neighbour, sizeof(neighbour));
if (sc3 < 0) {
perror("connect:");
exit(sc3);
}
str = malloc(1);
strcpy(str, buf_msg);
send_len = send(neighbour_socket, str, strlen(str), 0);
printf("\n send - len - s1 - %d\n", send_len);
if (send_len != strlen(str)) {
perror("send");
exit(1);
}
start_flag = 1;
//FD_CLR(s1, &readfds);
printf("\ncrossed server\n");
} else if (select_fd == s2) {
int list_len = sizeof incoming;
printf("\ninside client\n");
printf("\nWaiting for accept in S2\n");
if (p_flag == 0) {
p_flag = 1;
p = accept(s2, (struct sockaddr *) &incoming, &list_len);
printf("\nConnection accepted in S2\n");
if (p < 0) {
perror("bind:");
exit(rc);
}
}
nfds = MAX(nfds, p);
recv_len = 0;
buf_msg[recv_len] = '\0';
recv_len = recv(p, buf_msg, 34, 0);
if (recv_len < 0) {
perror("recv");
exit(1);
}
buf_msg[recv_len] = '\0';
printf("\nreceived from client = %s\n", buf_msg);
//send to neighbour
//if(start_id!=1){
int sc3;
sc3 = connect(neighbour_socket, (struct sockaddr *) &neighbour, sizeof(neighbour));
if (sc3 < 0) {
perror("connect:");
//exit(sc3);
}
//}
str = malloc(1);
strcpy(str, buf_msg);
send_len = send(neighbour_socket, str, strlen(str), 0);
printf("\n send - len - s2 - %d\n", send_len);
if (send_len != strlen(str)) {
perror("send");
exit(1);
}
} else if (select_fd == neighbour_socket) {
printf("\ncomes in\n");
} else if (select_fd == p && p != 0) {
int list_len = sizeof incoming;
printf("\ninside p\n");
recv_len = 0;
buf_msg[recv_len] = '\0';
printf("\nwaiting at recv in P\n");
recv_len = recv(p, buf_msg, 34, 0);
printf("\ncrossed at recv in P\n");
if (recv_len < 0) {
perror("recv");
exit(1);
}
buf_msg[recv_len] = '\0';
printf("\nreceived from client = %s\n", buf_msg);
//send to neighbour
str = malloc(1);
strcpy(str, buf_msg);
send_len = send(neighbour_socket, str, strlen(str), 0);
printf("\n send - len - neighbour - %d\n", send_len);
if (send_len != strlen(str)) {
perror("send");
exit(1);
}
}
}
}
FD_ZERO(&readfds);
//FD_SET(neighbour_socket,&readfds);
FD_SET(s1, &readfds);
FD_SET(neighbour_socket, &readfds);
if (p_flag == 1) {
printf("\nsetting P\n");
FD_SET(p, &readfds);
FD_SET(s2, &readfds);
p_flag = 0;
} else {
printf("\nNot setting P\n");
FD_SET(s2, &readfds);
}
}
}
close(s1);
close(s2);
}
Thanks in advance.
The first parameter to select must be the maximum file descriptor plus one. As far as I can tell in that huge lump of code you posted, you forgot that "plus one".
I believe Mat has found the underlying problem. But I think there is a much larger problem here:
int send_len;
char *str=malloc(1);
sprintf(str,"%d",peer_port);
printf("\nport-here=%s\n",str);
You have corrupted your heap with your sprintf(3) call. Maybe it isn't important data you've overwritten, and maybe malloc(3) won't ever actually allocate one byte, but that is a bad assumption to make. You need to allocate at least six bytes for a port number: five for the digits in 65535 and one for the trailing ASCII NUL \0 byte.
buf[recv_len] = '\0';
char *temp_port;
//printf("\n-%s\n",buf);
if ( !strcmp("close", buf) )
printf("%s",buf);
//break;
else{
char *temp_buffer=malloc(1);
char *id=malloc(100);
char *pp=malloc(1);
strcpy(temp_buffer,buf);
In the preceding selection, you have stored a \0 into the end of buf, so you're presumably working with a string of some sort. But in a few lines, you allocate a single byte and then proceed to copy the contents of buf into that single byte. The ASCII NUL will use that byte entirely, leaving no space for the string you received. But strcpy(3) doesn't work that way -- it will copy the contents of buf, until that '\0' character, into the memory starting with your single byte. You've again destroyed your heap. But this time it can overwrite significantly more than five bytes -- and all under the control of the remote peer.
Heap overflows are extremely dangerous. I found over 350 references to exploitable bugs in programs that derive directly from heap overflows in an old archive I have from the Common Vulnerabilities and Exposures project.
Do not deploy this program on publicly-accessible machines until you have fixed these problems. It represents a significant security flaw. Find every instance of malloc(1) and replace it with the correct amount of memory that must be allocated. Once you've done this, please run your program with MALLOC_CHECK_=1 or under control of valgrind(1) to help you find further memory allocation problems.
Have you considered using poll() instead of select()? It's easier to debug and scales elegantly to however many you need.