Important: Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

Potential bug in QNativeSocketEngine for windows network sockets



  • I beleive that QNativeSocketEnginePrivate::nativeWrite() method in src/network/socket/qnativesocketengine_win.cpp
    contains potential bug.
    In case when WSASend() returns success but ret != len, it tries next send, but bytesToSend isn't decreased like it happens in end of cycle (it didn't reached because of continue operator). This causes data buffer overread and wrong data being sent to remote side. This case may never hapen due to current socket configuration or some API specification details, but these factors looks very sensitive to be changed.
    Affected classes: QAbstractSocket, QTcpSocket, QSslSocket.
    Threrefore, piece of code responsible for handling this sort of case should be either fixed or considered to be dead and removed.


  • Lifetime Qt Champion

    Hi,

    You should rather go to the "bug report system":http://bugreports.qt-project.org and open a new report for that providing as much details as you can (this forum is user oriented). If you could also provide a minimal compilable project to test that behavior, it would be even better.



  • Hi,
    I wasn't sure to go there since it's not a bug but just a dangerous thing which may produce potential bug in future. There are nothing to test. My intention was just to point experienced developers to this behavior.


  • Lifetime Qt Champion

    Then you can start by discussing the matter on the interest mailing list



  • I hate mailing lists :) So I posted suggestion "QTBUG-38579":https://bugreports.qt-project.org/browse/QTBUG-38579


Log in to reply