From b9ec2cdc23b77fd86b69ba884c5513f3f71cf025 Mon Sep 17 00:00:00 2001 From: David Benjamin Date: Sun, 14 Jul 2013 13:23:11 -0400 Subject: Add fudge factor in subscription sharding Header lengths are not constant-size because Zcode escapes bytes 0xFF and 0x00 into two bytes. If we end up filling up close to all the space we have and Z_SendFragmentedNotice then computes a header length larger than ours by enough, the message gets fragmented. Getting it fragmented is especially unfortunate because only the first of a fragmented notice ever has a SERVACK survive. (They all get SERVACKs, but libzephyr kindly drops all but the first on the floor.) This isn't a watertight fix; we may get really really unlucky and blow up 13 bytes in the authenticator and checksum. But that's not likely, and a proper fix would involve either computing based on the maximum possible authenticator size (wasteful and hard to bound tightly) or changing to protocol to use a less inappropriate encoding. --- lib/ZSubs.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/lib/ZSubs.c b/lib/ZSubs.c index a3d0b78..e0d39ee 100644 --- a/lib/ZSubs.c +++ b/lib/ZSubs.c @@ -85,8 +85,11 @@ ZSubscriptions(register ZSubscription_t *sublist, char **list; char *recip; int hdrlen; - int size_avail = Z_MAXPKTLEN-Z_FRAGFUDGE; /* space avail for data, - adjusted below */ + /* Space available for data, adjusted below. Take off Z_FRAGFUDGE twice. + The first is to account for Z_SendFragmentedNotice's space. The second + to account for hdrlen not being constant. Zcode escapes bytes 0x00 and + 0xFF, so some bytes are encoded as two bytes. */ + int size_avail = Z_MAXPKTLEN-Z_FRAGFUDGE-Z_FRAGFUDGE; int size, start, numok; /* nitems = 0 means cancel all subscriptions; still need to allocate a */ -- cgit v1.2.3