I use WSARecv() to retrieve data from a socket using overlapped I/O and a custom callback function, and sometimes it sends back more data than I tell it to. I''ll send it a WSABuff object with the pointer to the buffer filled in with the address of my allocated buffer, and the length set to the length of the buffer, let''s say 1000 bytes. Once in a few thousand requests, it will send me back a few KB more than I asked for. The cbRecv variable in the callback, which is filled in by WSARecv at the time of call back with the amount of data recived, will read 1001+ bytes, which is, of course, larger than the buffer I gave it. This overflow is usually 1000 to 3000 bytes over. This damages memory, causes crashes, etc. Why does this happen? How do I error check for this if WSARecv is going to lie to me? The buffer is already written to, the damage is done. Does anyone know how to combat this?? ( other than trying to guess at padding out the buffers so overrun does not damage the existing memory ) "Victims...aren''t we all?" -Brandon Lee, the Crow

This is a very strange error; code might be useful.

As a preliminary question, are you absolutely certain that the buffer length specified in the WSABUF structures always matches the actual capacity of the buffer? Is there some computation that might intermittently produce an incorrect buffer size?

________________________________________________
RapscallionGL development continues...
"Optimal decisions, once made, do not need to be changed." - Robert Sedgewick, Algorithms in C

Actually, all the code of the project was broaght up in a previous post of mine.


http://www.gamedev.net/community/forums/topic.asp?topic_id=162377


I found the issue was with the creation of the HTTPSocket class these functions were part of. They had to be created with "new" and could not be allocated and initialized by hand. This is the same project, and this is the one lingering issue. The WSABuff object persists of course, and at the very begining of the callback, I have a quick check in there to determine if cbRevc is bigger than what I had told it in wsabuff.len, and on very rare occasion, it is. Does WSARecv() change the value in wsabuff.len for some reason? I thought that it just read the variables, but perhaps I'm wrong. Also, if the code from the other post does not help or you want specific code, tell me what you want to look at and I'll post it.

"Victims...aren't we all?"
-Brandon Lee, the Crow

[edited by - KaneBlackflame on June 27, 2003 10:37:57 AM]