--- libaitrpc/src/srv.c 2010/07/08 07:32:53 1.1.1.1.2.18
+++ libaitrpc/src/srv.c 2011/05/02 23:02:44 1.1.1.1.2.25
@@ -3,7 +3,7 @@
 * by Michael Pounov
 *
 * $Author: misho $
-* $Id: srv.c,v 1.1.1.1.2.18 2010/07/08 07:32:53 misho Exp $
+* $Id: srv.c,v 1.1.1.1.2.25 2011/05/02 23:02:44 misho Exp $
 *
 *************************************************************************/
 #include "global.h"
@@ -58,19 +58,41 @@ rpc_srv_dispatchCall(void *arg)
 rpc_SetErr(EINVAL, "Error:: get invalid RPC session ...\n");
 ret = -5;
 goto makeReply;
- }
+ } else
+ Limit = sizeof(struct tagRPCCall);
 // RPC is OK! Go decapsulate variables ...
 if (rpc->call_argc) {
- v = (rpc_val_t*) (buf + sizeof(struct tagRPCCall));
+ v = (rpc_val_t*) (buf + Limit);
+ // check RPC packet length
+ if (rpc->call_argc * sizeof(rpc_val_t) > BUFSIZ - Limit) {
+ rpc_SetErr(EMSGSIZE, "Error:: Too big RPC packet ...\n");
+ ret = -5;
+ goto makeReply;
+ } else
+ Limit += rpc->call_argc * sizeof(rpc_val_t);
 // RPC received variables types OK!
 data = (u_char*) v + rpc->call_argc * sizeof(rpc_val_t);
 for (i = 0; i < rpc->call_argc; i++) {
 switch (v[i].val_type) {
 case buffer:
+ if (v[i].val_len > BUFSIZ - Limit) {
+ rpc_SetErr(EMSGSIZE, "Error:: Too big RPC packet ...\n");
+ ret = -5;
+ goto makeReply;
+ } else
+ Limit += v[i].val_len;
 v[i].val.buffer = data;
 data += v[i].val_len;
 break;
 case string:
+ if (v[i].val_len + 1 > BUFSIZ - Limit) {
+ rpc_SetErr(EMSGSIZE, "Error:: Too big RPC packet ...\n");
+ ret = -5;
+ goto makeReply;
+ } else
+ Limit += v[i].val_len;
 v[i].val.string = (int8_t*) data;
 data += v[i].val_len + 1;
 break;
@@ -159,7 +181,7 @@ makeReply:
 break;
 }
 if (ret != Limit) {
- rpc_SetErr(EBADMSG, "Error:: in send RPC request, should be send %d bytes, "
+ rpc_SetErr(ECANCELED, "Error:: in send RPC request, should be send %d bytes, "
 "really is %d\n", Limit, ret);
 ret = -9;
 break;
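Review bot: In the `case string:` branch of the hunk at -58 the guard tests `v[i].val_len + 1` but the accounting line adds only `v[i].val_len`, while `data` advances by `val_len + 1`, so `Limit` falls one byte behind `data` for every string argument and the later checks become too permissive; it should read `Limit += v[i].val_len + 1;`. The argument-table check multiplies before it compares, so if `call_argc` is a wide integer type (its declaration is not in the hunk) the product can wrap; the division form `rpc->call_argc > (BUFSIZ - Limit) / sizeof(rpc_val_t)` avoids that. The offsets are bounded by `BUFSIZ` rather than by the number of bytes actually received, so a short packet can presumably still describe values that lie in stale buffer contents; this needs confirming against the receive call, which is outside the hunk. Nothing here verifies that a string value is NUL-terminated at `data[val_len]` before `v[i].val.string` is handed on. The body of rpc_srv_dispatchCall starts and ends outside the hunk.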
@@ -169,7 +191,7 @@ makeReply: shutdown(c->cli_sock, SHUT_RDWR); close(c->cli_sock); memset(c, 0, sizeof(rpc_cli_t)); - return (void*) ret; + return (void*) (long)ret; } @@ -234,7 +256,8 @@ rpc_srv_dispatchVars(void *arg) blob->hdr_var); ret = -6; break; - } + } else + blob->hdr_len = b->blob_len; if (rpc_srv_blobMap(s, b) != -1) { ret = rpc_srv_sendBLOB(c, b); @@ -273,7 +296,7 @@ makeReply: break; } if (ret != sizeof buf) { - rpc_SetErr(EBADMSG, "Error:: in send BLOB reply, should be send %d bytes, " + rpc_SetErr(ECANCELED, "Error:: in send BLOB reply, should be send %d bytes, " "really is %d\n", sizeof buf, ret); ret = -9; break; @@ -283,7 +306,7 @@ makeReply: shutdown(c->cli_sock, SHUT_RDWR); close(c->cli_sock); memset(c, 0, sizeof(rpc_cli_t)); - return (void*) ret; + return (void*) (long)ret; } // ------------------------------------------------- @@ -410,6 +433,7 @@ rpc_srv_endBLOBServer(rpc_srv_t * __restrict srv) } pthread_mutex_unlock(&srv->srv_blob.mtx); + while (pthread_mutex_trylock(&srv->srv_blob.mtx) == EBUSY); pthread_mutex_destroy(&srv->srv_blob.mtx); } @@ -578,12 +602,12 @@ rpc_srv_initServer(u_int regProgID, u_int regProcID, i } else memset(srv->srv_clients, 0, srv->srv_numcli * sizeof(rpc_cli_t)); + pthread_mutex_init(&srv->srv_mtx, NULL); + rpc_srv_registerCall(srv, NULL, CALL_SRVSHUTDOWN, 0); rpc_srv_registerCall(srv, NULL, CALL_SRVCLIENTS, 0); rpc_srv_registerCall(srv, NULL, CALL_SRVCALLS, 0); rpc_srv_registerCall(srv, NULL, CALL_SRVSESSIONS, 0); - - pthread_mutex_init(&srv->srv_mtx, NULL); return srv; } @@ -607,8 +631,10 @@ rpc_srv_endServer(rpc_srv_t * __restrict srv) rpc_srv_endBLOBServer(srv); for (i = 0, c = srv->srv_clients; i < srv->srv_numcli && c; i++, c++) - if (c->cli_sa.sa_family) + if (c->cli_sa.sa_family) { shutdown(c->cli_sock, SHUT_RDWR); + close(c->cli_sock); + } close(srv->srv_server.cli_sock); if (srv->srv_clients) { 
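Review bot: In the hunk at -273, `sizeof buf` is passed for a `%d` conversion in the rewritten `rpc_SetErr` call; `sizeof` yields `size_t`, which does not match `%d` in a variadic call and is undefined where `size_t` is wider than `int`. Assuming `rpc_SetErr` forwards to a printf-style formatter, use `%zu` for that argument or pass `(int) sizeof buf`. The hunk at -159 prints `Limit` with `%d` as well, so its declared type deserves the same check.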
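Review bot: In the hunk at -410, the added `while (pthread_mutex_trylock(&srv->srv_blob.mtx) == EBUSY);` leaves the loop holding the mutex, so the `pthread_mutex_destroy` that follows destroys a locked mutex, which POSIX leaves undefined. The loop also spins on the CPU while another thread holds the lock, and it does nothing to stop a thread that reaches the mutex after the destroy. The same pattern is added for `srv->srv_mtx` in the hunk at -624, where `free(srv)` follows immediately, so a late thread would touch freed memory as well. Every worker thread should be joined (or cancelled and joined) before teardown, after which the destroy needs no spin; if a final handshake is still wanted, `pthread_mutex_lock(&srv->srv_blob.mtx); pthread_mutex_unlock(&srv->srv_blob.mtx);` before the destroy is the blocking, non-spinning form.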
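Review bot: In the hunk at -607, the new `close(c->cli_sock)` can close a descriptor a second time: the dispatch threads' own exit path (hunks at -169 and -283) already runs `shutdown`, `close` and `memset(c, 0, sizeof(rpc_cli_t))` on the same slot, and nothing visible here serialises the two. If a client thread is still running when rpc_srv_endServer walks the table, the descriptor number may have been reused by then and an unrelated descriptor gets closed. Either stop and join the client threads before this loop, or leave the `close` to the owning thread and keep only `shutdown` here to wake it. The loop sits in a function that starts and ends outside the hunk.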
@@ -624,6 +650,7 @@ rpc_srv_endServer(rpc_srv_t * __restrict srv)
 }
 pthread_mutex_unlock(&srv->srv_mtx);
+ while (pthread_mutex_trylock(&srv->srv_mtx) == EBUSY);
 pthread_mutex_destroy(&srv->srv_mtx);
 free(srv);