buffer overflow problem

Im having problems with a server im writting, its possible to cause a buffer overflow.

thanks you for any help you can give.

buff is a std string

Code:

connection::ReadData() {
  FD_ZERO(&mask);
  FD_SET(s, &mask);

  select(s+1,&mask,NULL,NULL,&tv);

  char cstr[200]; int mark = 0;

  if(FD_ISSET(s, &mask)) {
    int num = recv (s, cstr, 200, 0);

    for(int i = 0; i < num; i++) {
      buff = buff + cstr[i];
      }

    for(int i = 0; i < strlen(buff.c_str()); i++) {
      if( buff[i] == '\n' ) {
        buff[i] = '\0';
        messageLog.Add(buff, p);
        mark = i;
        buff = "";
        }
      }

    }
}

Code:

    int num = recv (s, cstr, 200, 0);
    
    for(int i = 0; i < num; i++) {
      buff = buff + cstr[i];
      }

if num was 0 or 1, the next for statement wouldnt run. + the overflow only happens when someone piles in too much data.

- Renski -

Where is the ``buffer overflow''? You don't read too much data using recv( ), buff will dynamically be extended, and the last loop doesn't break anything either (at least not the code that can be seen, I don't know what messageLog::add( ) does...) How does the ``buffer overflow'' behave?

Thats what I thought, however I showed that code to someone else and they said that recv was the problem. It looks like they where wrong.

I must be doing something wrong further on...

thanks

- Renski -