为什么 "bad file descriptor" 只出现在 Linux 中?
Why "bad file descriptor" appears only in Linux?
为什么 sendto 函数 return 错误:错误的文件描述符? 这只发生在 Linux 上(在 Windows 上可以正常工作)。
这是我的代码:
json对象hb是经典的json对象,如{ "name": "alfa", "surname": "beta"},通过其方法
转换为字符串
int fd;
if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0)
{
print_time();
perror("Socket failed\n");
exit(EXIT_FAILURE);
}
struct sockaddr_in serveraddr;
memset(&serveraddr, 0, sizeof(serveraddr));
//memset(&cliaddr, 0, sizeof(cliaddr));
serveraddr.sin_family = AF_INET;
serveraddr.sin_port = htons(9900);
serveraddr.sin_addr.s_addr = inet_addr("192.168.1.96");
char ui_request_str[] = "";
strcpy(ui_request_str, json_object_to_json_string(hb));
if (sendto(fd, ui_request_str, strlen(ui_request_str), 0, (struct sockaddr *)&serveraddr, sizeof(serveraddr)) < 0)
{
perror("Error");
}
else
{
debug_level > 0 && printf("message sent: %s\n", ui_request_str);
}
close(fd);
问题
您的问题来自您未分配的内存:
char ui_request_str[] = "";
strcpy(ui_request_str, json_object_to_json_string(hb));
在第一行中,您分配了一个字节数组。
在第二行,您尝试使用 json_object_to_json_string
的输出写入您保留的内存
您的代码生成缓冲区溢出:
来自男人 strcpy:
Bugs
If the destination string of a strcpy() is not large enough, then anything might happen. Overflowing fixed-length string buffers is a favorite cracker technique for taking complete control of the machine. Any time a program reads or copies data into a buffer, the program first needs to check that there's enough space. This may be unnecessary if you can show that overflow is impossible, but be careful: programs can get changed over time, in ways that may make the impossible possible.
解决方案
不要将ui_request_str设为数组,将其设为指针:
char * ui_request_str[];
ui_request_str = json_object_to_json_string(hb);
if (NULL == ui_request_str) {
perror(";json_object_to_json_string");
exit(0);
}
if (sendto(fd, ui_request_str, strlen(ui_request_str), 0, (struct sockaddr *)&serveraddr, sizeof(serveraddr)) < 0)
{
perror("Error");
}
else
{
debug_level > 0 && printf("message sent: %s\n", ui_request_str);
}
为什么 sendto 函数 return 错误:错误的文件描述符? 这只发生在 Linux 上(在 Windows 上可以正常工作)。
这是我的代码:
json对象hb是经典的json对象,如{ "name": "alfa", "surname": "beta"},通过其方法
int fd;
if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0)
{
print_time();
perror("Socket failed\n");
exit(EXIT_FAILURE);
}
struct sockaddr_in serveraddr;
memset(&serveraddr, 0, sizeof(serveraddr));
//memset(&cliaddr, 0, sizeof(cliaddr));
serveraddr.sin_family = AF_INET;
serveraddr.sin_port = htons(9900);
serveraddr.sin_addr.s_addr = inet_addr("192.168.1.96");
char ui_request_str[] = "";
strcpy(ui_request_str, json_object_to_json_string(hb));
if (sendto(fd, ui_request_str, strlen(ui_request_str), 0, (struct sockaddr *)&serveraddr, sizeof(serveraddr)) < 0)
{
perror("Error");
}
else
{
debug_level > 0 && printf("message sent: %s\n", ui_request_str);
}
close(fd);
问题
您的问题来自您未分配的内存:
char ui_request_str[] = "";
strcpy(ui_request_str, json_object_to_json_string(hb));
在第一行中,您分配了一个字节数组。
在第二行,您尝试使用 json_object_to_json_string
您的代码生成缓冲区溢出:
来自男人 strcpy:
Bugs
If the destination string of astrcpy()is not large enough, then anything might happen. Overflowing fixed-length string buffers is a favorite cracker technique for taking complete control of the machine. Any time a program reads or copies data into a buffer, the program first needs to check that there's enough space. This may be unnecessary if you can show that overflow is impossible, but be careful: programs can get changed over time, in ways that may make the impossible possible.
解决方案
不要将ui_request_str设为数组,将其设为指针:
char * ui_request_str[];
ui_request_str = json_object_to_json_string(hb);
if (NULL == ui_request_str) {
perror(";json_object_to_json_string");
exit(0);
}
if (sendto(fd, ui_request_str, strlen(ui_request_str), 0, (struct sockaddr *)&serveraddr, sizeof(serveraddr)) < 0)
{
perror("Error");
}
else
{
debug_level > 0 && printf("message sent: %s\n", ui_request_str);
}