redddcyclone
commented
6 months ago Hi @g-bougard
You're right, I forgot to do some basic checks. I commited the change you requested, could you check if anything is missing?
d7050a2
Thanks!
Closed g-bougard closed 6 months ago
redddcyclone
commented
6 months ago Hi @g-bougard
You're right, I forgot to do some basic checks. I commited the change you requested, could you check if anything is missing?
d7050a2
Thanks!
g-bougard
commented
6 months ago Thank you
Hi @redddcyclone
in your last commits, I see you are now using asynchronous http requests. That's great. But it seems to me you're missing to check the answer size from there: https://github.com/redddcyclone/glpi-agentmonitor/blob/435c716914078dfd20cfc364ca22ea3bcd6589be/GLPI-AgentMonitor.cpp#L237
And the buffer you're using is very limited: 128 bytes
That size is okay for the glpi-agent status expected answer. And I agree this should just work as you are just checking glpi-agent status which will look like
status: waitingmost of the time. But indeed, you have no guaranty you're requesting an agent and even it will always answer with a short answer.First you need to validate
dwSizeis not greater or equal to buffer size (not equal as you're expecting a string and want to set a null char after the last char).Secondly, you also must check
dwDownloadedis lower than buffer size to be sure you set a null char in the buffer and not outside.If none of the 2 checks is correct, you must at least reject the answer.