[sldev] Crash on "Save object back to object contents" VWR-176
/ 828
Nicholaz Beresford
nicholaz at blueflash.cc
Sat May 26 16:19:48 PDT 2007
I did check into this further, but I guess I'll have to leave that to
the Lindens. It's easy to reproduce, I found out a few things (noted
below) but don't understand the message system enough to solve this.
Here are my obersations (also noted in VWR-828):
I kept digging into this, but I guess that less than trivial.
There seem to be two issues playing into each other
1) a packet is received and decoded an on the way one of the checks
fails, seeing that decoding goes beyond the expected end (""Ran off end
of packet " ). The packet type is DeRezAck and either there is a
malformed packet packet of this type sent by the server or the decoding
is wrong (or of course it's something else).
2) when the system detects the problem, it tries to write an error to
the log (llwarns << "blah blah") in LLMessageSystem::dumpPacketToLog().
The bad news is that this overwrites something in the underlying object,
i.e. that std::iostream operation seems to be overwriting buffers which
then causes an exception in the Microsoft classes (the exception is
probably designed to detect buffer overrun attacks).
[ Show » <https://jira.secondlife.com/browse/VWR-828> ]
Nicholaz Beresford
<https://jira.secondlife.com/secure/ViewProfile.jspa?name=Nicholaz+Beresford>
[26/May/07 04:15 PM] I kept digging into this, but I guess that less
than trivial. There seem to be two issues playing into each other 1) a
packet is received and decoded an on the way one of the checks fails,
seeing that decoding goes beyond the expected end. The packet type is
DeRezAck and either there is a malformed packet packet of this type sent
by the server or the decoding is wrong (or of course it's something
else). 2) when the system detects the problem, it tries to write an
error to the log (llwarns << "blah blah") in
LLMessageSystem::dumpPacketToLog(). The bad news is that this overwrites
something in the underlying object, i.e. that std::iostream operation
seems to be overwriting buffers which then causes an exception in the
Microsoft classes (the exception is probably designed to detect buffer
overrun attacks).
A stack and some other informations are at
https://jira.secondlife.com/browse/VWR-828
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.secondlife.com/pipermail/sldev/attachments/20070527/9e577125/attachment.htm
More information about the SLDev
mailing list