Hello,
We are currently working on a Web server on an ARM Cortex-M7 to transmit JSON string via HTTP and CGI. When sending TCP / IP packets (2 or 3 TCP segments), an error occurred: net_sys_error NET_ERROR_MEM_CORRUPT. This error occurs randomly after X send TCP / IP packets.
Before the error occurs, the HTTP server sends only one TCP segment (1440 bytes) instead of 3 TCP segment (2989 bytes). We can not find the cause of the problem.
Card: STM32F769I
Versions: HTTP_Server_FS.c: v7.2.0 HTTP_Server_CGI.c: v7.0.0 Net_Config.c: v7.7.0 (variant IPv4 / IPv6 Release) Net_Config_HTTP_Server.c: v7.0.0"
Config: Net_Config.c Core Thread Stack Size : 5120 bytes
Net_Config_ETH_0.h Interface Thread Stack Size : 1024 bytes
startup_stm32f769xx.s Stack Size : 800 bytes Heap Size : 8190 bytes
RTX_Conf_CM.c Number of threads with user-provided stack size : 2 Total stack size for threads with user-provided stack size : 6144 bytes
Thanks in advances,
Best regards
This usually happens when you write more data than the available space in the buffer. Check the following function:
uint32_t netCGI_Script (const char *env, char *buf, uint32_t buflen, uint32_t *pcgi)
You can not write more than buflen bytes. If you do this, you overwrite the internal memory management information, and this causes the error.
Do you mean, "you must not write more than buflen bytes".
The whole thing with buffer-overflow errors is that you can do it - but you should not!
;-)
Andrew Neil, do you always have to be such a ***? Frank works for Keil and doesn't need your pedantic remarks.
Yes exactly.
Sorry for the mess.
Andrew: Yes, that's exactly what I mean.
Hello thanks for your response.
My function netCGI_Script writes according to the value of buflen. I do not exceed the available space: I make several calls to the function to write the whole of my answer :
len = sprintf (buf, "%s", &response[*pcgi]); // If response is larger than a TCP / IP segment (1440 bytes) if (len > buflen) { len = buflen; *pcgi += len; len |= (1U<<31); }
This code allows the sending of my data on 1 to n TCP segments. But after a certain occurrence (not defined because random), the function sends me only one segment instead of 3, and the error occurs
I do not exceed the available space:
That's an exceptionally brave statement to make about a code snippet that starts with this line:
len = sprintf (buf, "%s", &response[*pcgi]);
If you're going to have a buffer overflow, you will have already have caused it right here.
View all questions in Keil forum