Classification: C++ Category: Client-Server
Created: 05/29/2008 Modified: 06/03/2008
Number: FAQ-1640
Platform: Symbian OS v9

Question:

Why shouldn't I package a descriptor for sending via client-server?

Answer:

You shouldn't package a descriptor for sending via client-server because it introduces unnecessary server vulnerabilities.


    The kernel validates the integrity of any descriptor sent via the client-side RMessage2, ensuring that it can be saftely read server-side. Hence if you package a descriptor (using TPckg etc) the package will be validated and can saftely be read server-side. However the packaged data is not validated, so there is no guarantee that the data is itself valid; a packaged descriptor could potentially panic the server if read.

    Consider the example below:
    {code}
    class TFoo
    {
    public:
    TBuf<10> iBar;
    ...
    }
    {code}

    When the client passes a TFoo using TPckg, the kernel validates the package descriptor itself, not the content. If iBar is invalid (by accident or malicious intent) reading iBar will panic, thereby crashing the server.
Legal Disclaimer | Privacy Policy | Sitemap | Media center | Contact us | © 2008 Symbian Ltd