开发者

Boost Serialization - No archive_exception when deserializing corrupt data anymore?

问答 作者:

Months ago I implemented a component which receives data via UDP-network, deserializes it via Boost::Serialization and starts working with the incoming objects.

After some time of using this component random crashes occured, which I could solve when finding out that someone else is sending data to my UDP-Port.

I solved this problem by simply adding a try/catch around the deserialization:

try
{
    boost::archive::text_iarchive inputArchive(incomingData);
    inputArchive >> givenElements; //the actual deserialization, here the exception has been thrown in the past
}
catch( boost::archive::archive_exception& ex )
{
    std::cout << "Archive Exception during deserializing:" << std::endl;
    std::cout << ex.what() << std::endl;
    std::cout << "Incom开发者_如何学JAVAing data had the following content:" << std::endl;
    std::cout << dataStream.str() << std::endl;
}

The above code sorted out any foreign/corrupt data coming in via network and just deserializes data which was meant to be.

Back then I worked with an older Boost-Version (I don't know really well, 1.44, 1.42?) on a Linux-Machine.

Currently I have to use the component again on a Windows XP machine with a fairly new Boost 1.46.1. Now the problem is, that the try/catch does not seem to filter the foreign/corrupt data anymore. As far as something from that code is incoming, my application crashes without any error-message.

It is not possible for me to change the Port I'm listening to. Besides that I want to create a robust application which ignores data it could not work with instead of crashing.

I'm now wondering if anyone has an idea why this effect occurs? Has Boost been getting less robust? Is this something with the OS? I have no idea and hope this is kind of a question someone who is "more into Boost" could answer.

My answer is not directly related to boost serialization but it is always a good idea to do some validation on incoming data from network before entering deeper logic.

Before diving deep into boost serialization I suggest you :

  1. Check the size of UDP packet
  2. If you are using some kind of header do some validation
  3. Whatever seems appropriate for you case

and then try to deserialize the packet. This way you can filter out foreign packets yourself instead of *relying on boost.

继续阅读:serialization

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9