[ros-users] Debuggin ROS_COMM deserializer

Cedric Pradalier cedric.pradalier at gmail.com
Wed Nov 28 16:09:51 UTC 2012 

Hi,

last time I checked, some of the deserialization code was actually
endianness specific (if I'm not mistaken), in particular the length of the
message... This could lead easily to a buffer overrun.

I'll try to point out the little bit of code later today.

Regards


On Tue, Nov 27, 2012 at 5:53 PM, Claudio Carbone <cla_carbone at tiscali.it>wrote:

>  Hello all.
>
> I built ros from source on an ARM armv5tejl platform.
> Compilation, linking and running nodes all work, but messages have
> problems:
>
> [ERROR] [1353939756.715474051]: Exception thrown when deserializing message of length [164] from [/add_two_ints_server]: Buffer Overrun
>
>
> Now having checked *message_deserializer.cpp* I know where this error
> originates, but I don't have any means to debug this.
> The problem happens when any node is run on the arm platform: meaning that
> if I run the core on my laptop together with a listener, and the talker on
> the arm, the /rosout reports this error, and the same if any of these three
> nodes is run on the arm.
>
> If all nodes are run on x86 computers on the same network, everything is
> fine.
>
> So I continued searching for a byte-buffer as the buffer mentioned in the
> serialization protocol is a message buffer and overrunning that would mean
> dropping messages, not the inability to deserialize.
> So in topic_manager.cpp  line 638 finally a buffer appears whose size is
> parametrized on header_bytes.size.
> Header_bytes is assigned as proto[n]
>       if (proto.size() != 5 ||
>           proto[1].getType() != XmlRpcValue::TypeBase64 ||
>           proto[2].getType() != XmlRpcValue::TypeString ||
>           proto[3].getType() != XmlRpcValue::TypeInt ||
>           proto[4].getType() != XmlRpcValue::TypeInt)
>
> in topic_manager.cpp
>
> and
>     if (proto.size() != 6 ||
>         proto[1].getType() != XmlRpcValue::TypeString ||
>         proto[2].getType() != XmlRpcValue::TypeInt ||
>         proto[3].getType() != XmlRpcValue::TypeInt ||
>         proto[4].getType() != XmlRpcValue::TypeInt ||
>         proto[5].getType() != XmlRpcValue::TypeBase64)
>
> in subscription.cpp
>
> Following these I find XmlRpcValue.cpp and XmlRpcValue.h but I can't find
> any numeric values anywhere.
> So I'm guessing these values are system-dependent and fetched externally.
> But from where? How can I manually set the buffer length?
>
> Thanks and regards
>
>
> --
>
> *Eng. Claudio Carbone
> Embedded Systems Design***
> **
>
> P.IVA: 11688471009
> tel: +393809017424
> email: Send email
>  <cla_carbone at tiscali.it>[image: My linkedin profile]<http://it.linkedin.com/in/embeddedesign/en>
>
> My Portfolio****
> [image: My portfolio site] <http://www.fusioncoredesign.it/>****
>
> ** **
>
> _______________________________________________
> ros-users mailing list
> ros-users at code.ros.org
> https://code.ros.org/mailman/listinfo/ros-users
>
>


-- 
Cedric Pradalier
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ros.org/pipermail/ros-users/attachments/20121128/e0e1ad3e/attachment-0004.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 11839 bytes
Desc: not available
URL: <http://lists.ros.org/pipermail/ros-users/attachments/20121128/e0e1ad3e/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 2321 bytes
Desc: not available
URL: <http://lists.ros.org/pipermail/ros-users/attachments/20121128/e0e1ad3e/attachment-0004.gif>

More information about the ros-users mailing list