Sign in to follow this  

Async Sockets, Buffer Size Issue

This topic is 2662 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

Greetings all.

I've recently been playing around with asynchronous sockets in .net, and ran into a bit of a problem. With blocking sockets I can check to see how much data is waiting to be read and read only that, but with async functions I have to specify a buffer size before knowing how much data there is. If a packet is larger than the buffer, it is broken into multiple chunks and the Read function has to return multiple times to get the whole packet. I've built a layer on top of the sockets that merges these chunks and sends the newly rebuilt message forward. On the client side I'm encapsulating the packet with a message length integer and thats how I know that a packet is complete.

Here's the problem I see. If someone wanted to be a pain in the neck, could they manipulate the 'message size' portion of the packet to something like 0xFFFFFFFF? If they did, what would happen? Likely their client would seem to 'freeze' as their connection on the server side would be trying to build this massive packet and would not respond to any messages sent. The 'frozen' effect would likely cause the hacker to disconnect, thus closing the connection without causing any real damage.

However, if someone knew what was happening on the server side, they could exploit that to quickly overload the RAM on the server, by forcing it to build this huge buffer. Thus crashing the server.

I seem to have stumped myself on how to handle this gracefully. Most tutorials and articles seem focused exclusively on how to set up the sockets, and not how to handle this situation.

Any tips?

Share this post


Link to post
Share on other sites

This topic is 2662 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this