Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 146887

Summary: Clean up Reader.cpp Windows event log reader program
Product: z_Archived Reporter: Dave Smith <smith>
Component: TPTP.monitoringAssignee: Cindy Jin <jx_china>
Status: CLOSED FIXED QA Contact:
Severity: normal    
Priority: P1 Keywords: plan
Version: unspecified   
Target Milestone: ---   
Hardware: PC   
OS: Windows 2000   
Whiteboard: closed460
Attachments:
Description Flags
Reader.cpp
none
Reader.cpp to address the memory leaking problem none

Description Dave Smith CLA 2006-06-13 14:23:46 EDT 
The Reader.cpp Windows event log reader program that is used to convert the log to a text file so it can be parsed by GLA should be cleaned up.  There is some code that potentially could cause buffer overruns.  For example the following code is included in GetDescriptionString:

	// Since the description text could not be retrieved get the message strings
	*pMessage = new char[(record->DataOffset - record->StringOffset) + 5];
	DWORD recordStringStart = (DWORD)record + record->StringOffset;
	LPSTR recordString = (LPSTR)recordStringStart;


	// initialize the array to nulls
	memset(*pMessage, NULL, (record->DataOffset - record->StringOffset));

	for (int i=0; i < record->NumStrings; i++)
	{
		removeNewLine(recordString);
		strcat(*pMessage, recordString);
		strcat(*pMessage, " ");
		recordStringStart = recordStringStart + strlen(recordString) + 1;
		recordString = (LPSTR)recordStringStart;
	}

The array in pMessage may not be allocated large enough to hold all of the strings and the initialization of the array to NULL's does not cover all of the array (eg the 5 extra bytes allocated).  This new array is not freed so there is a memory leak.

The string returned by FormatMessage is never freed either.  See documentation for FormatMessage.

Also, comments should be added to the code to make it more maintainable.
Comment 1 Dave Smith CLA 2006-06-13 14:25:06 EDT 
This will be a candidate for fixing in 4.3.
Comment 2 Cindy Jin CLA 2006-10-23 11:41:31 EDT 
Cannot contain in TPTP V4.3(i3)
Comment 3 Dave Smith CLA 2007-01-17 22:52:09 EST 
Added sizing.
Comment 4 Dave Smith CLA 2007-02-06 02:54:44 EST 
Targetting to i3 and increasing priority to indicate it is planned for 4.4.
Comment 5 Cindy Jin CLA 2007-05-03 15:00:55 EDT 
Created attachment 65822 [details]
Reader.cpp
Comment 6 Cindy Jin CLA 2007-05-04 18:38:05 EDT 
Created attachment 65975 [details]
Reader.cpp to address the memory leaking problem
Comment 7 Dave Smith CLA 2007-05-07 00:44:39 EDT 
Committed fixed reader.cpp file to TPTP Head CVS.
Comment 8 Paul Slauenwhite CLA 2009-06-30 09:53:05 EDT 
As of TPTP 4.6.0, TPTP is in maintenance mode and focusing on improving quality by resolving relevant enhancements/defects and increasing test coverage through test creation, automation, Build Verification Tests (BVTs), and expanded run-time execution. As part of the TPTP Bugzilla housecleaning process (see http://wiki.eclipse.org/Bugzilla_Housecleaning_Processes), this enhancement/defect is verified/closed by the Project Lead since this originator of this enhancement/defect has an inactive Bugzilla account and considered to be fixed. If this enhancement/defect is still unresolved and reproducible in the latest TPTP release (http://www.eclipse.org/tptp/home/downloads/), please re-open.