C套接字溢出内存

时间:2012-01-30 21:39:59

标签: c sockets x11 vnc xserver

我正在编写自定义VNC服务器客户端。但是,每次执行159次命令后,服务器崩溃。我无法弄清楚它崩溃的原因,但它似乎是某种内存溢出。套接字或std-i / o是否可以填满?或者更可能是我的X控件?

源代码:

#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <sys/wait.h>
#include <sys/select.h>
#include <X11/Xlib.h>
#include <X11/Xutil.h>
#include <X11/extensions/XTest.h>



void dostuff(int);


void error(const char *msg)
        {
        perror(msg);
        exit(1);
        }

int main(int argc, char *argv[])
        {
        int sockfd, newsockfd, portno, pid;
        socklen_t clilen;
        struct sockaddr_in serv_addr, cli_addr;

        if (argc < 2)
                {
                fprintf(stderr,"ERROR, no port provided\n");
                exit(1);
                }
     sockfd = socket(AF_INET, SOCK_STREAM, 0);
     if (sockfd < 0)
        error("ERROR opening socket");
     bzero((char *) &serv_addr, sizeof(serv_addr));
     portno = atoi(argv[1]);
     serv_addr.sin_family = AF_INET;
     serv_addr.sin_addr.s_addr = INADDR_ANY;
     serv_addr.sin_port = htons(portno);
     if (bind(sockfd, (struct sockaddr *) &serv_addr, sizeof(serv_addr)) < 0)
              error("ERROR on binding");
     listen(sockfd,5);
     clilen = sizeof(cli_addr);


        while (1)
                {
                newsockfd = accept(sockfd,
                (struct sockaddr *) &cli_addr, &clilen);
                if (newsockfd < 0)
                error("ERROR on accept");
                pid = fork();
                if (pid < 0)
                        error("ERROR on fork");
                if (pid == 0)
                        {
                        close(sockfd);
                        dostuff(newsockfd);
                        exit(0);
                        }
                else close(newsockfd);
                signal(SIGCHLD,SIG_IGN);
                }

        /* end of while */
        close(sockfd);
        return 0; /* we never get here */
}

/******** DOSTUFF() *********************
 There is a separate instance of this function
 for each connection.  It handles all communication
 once a connnection has been established.
 *****************************************/
void dostuff (int sock)
{
while(1)
        {
        fflush(stdout);

        int n;
        char buffer[64];

        bzero(buffer,64);
        printf("START:\n");
        n = read(sock,buffer,63);
        printf("buffer[1]: %d \n", buffer[1]);
        if (n < 0) error("ERROR reading from socket");


        Display *thedisplay;
        Window thewindow;
        int screen;
        screen=buffer[0]-48; //first element is always the screen number
        printf("screen = %d \n", screen);

        thedisplay=XOpenDisplay(NULL);
        thewindow=XRootWindow(thedisplay,screen);
        int screenwidth = DisplayWidth(thedisplay, screen);
        int screenheight = DisplayHeight(thedisplay, screen);
        printf("width: %d, height %d \n", screenwidth, screenheight);

        printf("buff[1] = %d \n", buffer[1]);

        //switch on second char
        switch(buffer[1])
        {
        case 109: // second element == 'm' we treat it like a mousemove

                printf("mousemovement\n");
                int xcoord = 100*(buffer[3]-48)+10*(buffer[4]-48)+1*(buffer[5]-48);
                int ycoord = 100*(buffer[7]-48)+10*(buffer[8]-48)+1*(buffer[9]-48);
                if (buffer[2]==49) xcoord = xcoord*(-1);
                if (buffer[6]==49) ycoord = ycoord*(-1);
                //printf("dx: %d, dy: %d \n", xcoord, ycoord);
                Window windowreturned;
                int xroot, yroot, xwin, ywin, mask_return;
                XQueryPointer(thedisplay, thewindow, &windowreturned, &windowreturned, &xroot, &yroot, &xwin, &ywin, &mask_return);
                //printf("xroot X: %d  Y: %d  \n", xroot, yroot);
                //printf("xcoord+xroot %d %d \n", xcoord+xroot, ycoord+yroot);
                //printf("screenwidth %d %d \n", screenwidth, screenheight);
                if (xcoord+xroot > 0 && xcoord+xroot < screenwidth && ycoord+yroot>0 && ycoord+yroot<screenheight)
                    {
                    //printf("good to go\n");
                    XWarpPointer(thedisplay,None,None,0,0,0,0,xcoord,ycoord);
                    XSync(thedisplay, False);
                    }
                break;
        case 107: //second element is a 'k' so we sendkey
                SendKey (thedisplay, buffer[2]);
                break;
        case 98: // b us for mousebutton. 1 is leftclick, 2 is middle click, 3 is right click, 4 us up-scroll, 5 is downscroll
                XTestGrabControl(thedisplay, True);
//              XTestFakeButtonEvent(thedisplay, 1, True, 0);
//              XTestFakeButtonEvent(thedisplay, 1, False, 0);
                XTestFakeButtonEvent(thedisplay, buffer[2]-48, True, 0);
                XTestFakeButtonEvent(thedisplay, buffer[2]-48, False, 0);
                XSync (thedisplay, False);
                XTestGrabControl (thedisplay, False);
                break;
        case 99: //second element is 'c', so we center on the screen

                XWarpPointer(thedisplay,None,thewindow,0,0,0,0,screenwidth*.5,screenheight*.5);
                XSync(thedisplay, False);
                break;

        default:
                close(sock);
                error("ERROR incorrect formattttttt\n");
                break;
        }

    printf("got this far\n");
    n = write(sock,"spanks\n",6);
    if (n < 0) error("ERROR writing to socket\n");

 }
}

3 个答案:

答案 0 :(得分:1)

简单地调用read并不能保证你将收到所有63个字节或者你收到了你希望的63个字节。我建议你以某种方式确定你需要接收多少数据(发送数据长度)首先)然后将recv函数放在循环中,直到你拥有所有数据..还应该检查发送函数(来自客户端)。

答案 1 :(得分:0)

尝试在dostuff()结束时关闭套接字怎么样? 服务器可能会有太多的开放连接。

答案 2 :(得分:0)

解决方案:错误是XOpenDisplay在无限循环内部而未被关闭。我只是在dostuff()中的无限循环之前移动了XOpenDisplay命令。

实际上这不是套接字错误。