\u306a\u3093\u30682\u5e74\u307b\u3069\u8106\u5f31\u306a\u72b6\u614b\u304c\u7d9a\u3044\u3066\u3044\u305f\u3068\u3044\u3046\u4e8b\u3067\u3059\u304c\u3001\u305d\u306e\u5185\u5bb9\u306f\u8106\u5f31\u6027\u3092\u3064\u3044\u305f\u30b3\u30d4\u30fc\u304c\u3067\u304d\u305f\u3068\u3044\u3046\u3082\u306e\u3089\u3057\u3044\u3002<\/p>\n
\u30bd\u30fc\u30b9\u3058\u305f\u3044\u306f\u7c21\u5358\u306b\u624b\u306b\u5165\u308b\u3057\u3001\u30bd\u30fc\u30b9\u306fC\u8a00\u8a9e\u3067\u66f8\u304b\u308c\u3066\u3044\u308b\u3057\u3001\u3068\u306a\u308a\u307e\u3059\u3068\u4eca\u3053\u3053\u3067\u89e6\u308c\u3066\u304a\u304b\u306a\u3044\u7406\u7531\u304c\u306a\u3044\u3063\u3059\u3002\u3063\u3066\u3053\u3068\u3067\u3001\u514e\u306b\u3082\u89d2\u306b\u3082\u305d\u30fc\u3059\u306b\u89e6\u308c\u3066\u304a\u304d\u305f\u3044\u3068\u601d\u3044\u307e\u3059\u3002<\/p>\n
\u4f7f\u3063\u305f\u30d0\u30fc\u30b8\u30e7\u30f3\u306f\u3053\u3061\u3089\u3002\u3067\u3059\u304c\u3001\u5b89\u5fc3\u3057\u3066\u307b\u3057\u3044\u306e\u306f1.0.1e\u3092\u4f7f\u3063\u3066\u3044\u308bRH\u7cfb\u30af\u30ed\u30fc\u30f3\u3092\u4f7f\u3063\u3066\u308b\u4eba\u306f\u3061\u3083\u3093\u3068\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3057\u3066\u6700\u65b0\u7248\u306e\u3082\u306e\u3060\u3063\u305f\u3089OK\u3067\u3059\u3002
\n\u305f\u3060\u3057\u8106\u5f31\u6027\u306e\u3042\u308b\u3068\u304d\u306b\u4f5c\u3063\u3066\u305f\u8a3c\u660e\u66f8\u306f\u30c0\u30e1(\u306a\u53ef\u80fd\u6027\u304c\u9ad8\u3044)\u304b\u3089\u4f5c\u308a\u76f4\u305d\u3046\u3002<\/p>\n
% ls -l \/home\/takeken\/openssl-1.0.1f\/ssl\/d1_both.c\r\n-rw-r--r--\u00a0 1 takeken\u00a0 takeken\u00a0 44390 Jan\u00a0 6 22:47 \/home\/takeken\/openssl-1.0.1f\/ssl\/d1_both.c\r\n\r\n% ls -l \/home\/takeken\/openssl-1.0.1g\/ssl\/d1_both.c\r\n-rw-r--r--\u00a0 1 takeken\u00a0 takeken\u00a0 44715 Apr\u00a0 8 01:54 \/home\/takeken\/openssl-1.0.1g\/ssl\/d1_both.c<\/pre>\nf\u304c\u8106\u5f31\u306a\u3082\u306e\u3067g\u304c\u4fee\u6b63\u3055\u308c\u305f\u3082\u306e\u3067\u3054\u3056\u3044\u3067\u3059\u3002
\n\u6642\u523b\u304c\u65b0\u3057\u3044\u306a\u3042\u3002<\/p>\n\u89e3\u8aac\u30b5\u30a4\u30c8\u3092\u3058\u3063\u304f\u308a\u8aad\u307f\u306a\u304c\u3089\u8abf\u3079\u3066\u66f8\u3044\u3066\u3068\u3057\u3066\u3044\u308b\u306e\u3067\u3001\u3044\u3064\u3082\u3060\u3051\u3069\u3064\u305f\u306a\u3044\u6587\u7ae0\u3067\u3054\u3081\u3093\u306a\u3055\u3044\u3001\u982d\u306e\u4e2d\u3067\u306f\u305d\u3053\u305d\u3053\u307e\u3068\u307e\u3063\u305f\u3082\u306e\u3092\u66f8\u304d\u305f\u3044\u3068\u601d\u3044\u307e\u3059\u3002
\n\u89e3\u8aac\u30b5\u30a4\u30c8\u3067\u53d6\u308a\u4e0a\u3052\u3066\u3044\u308b\u95a2\u6570\u306f\u3001tls1_process_heartbeat(SSL *s)\u3068\u3044\u3046\u3084\u3064\u3067\u3057\u305f\u3002<\/p>\n<\/p>\n
\u307e\u305a\u306f\u3001\u3069\u3046\u3044\u3046\u3082\u3093<\/span>\u304b\u3092\u81ea\u5206\u306a\u308a\u306b\u8abf\u3079\u305f\u3053\u3068\u3092\u3056\u3063\u304f\u308a\u3068<\/span>\u66f8\u304f\u3068\u3001\u307e\u305a\u57fa\u672c\u7684\u306a\u3053\u3068\u306fHeartBeat message\u3068\u3044\u3046\u306e\u3092\u30b5\u30fc\u30d0\u3001\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u3067\u3084\u308a\u3068\u308a\u3059\u308b\u3089\u3057\u3044\u3002
\n\u30ea\u30af\u30a8\u30b9\u30c8\u304c\u6765\u305f\u3089\u8fd4\u3059\u3002\u3068\u3044\u3046\u57fa\u672c\u7684\u306a\u3082\u306e\u3002\u3086\u3048\u306b\u8106\u5f31\u3060\u3063\u305f\u3068\u3044\u3046\u4e8b\u306e\u3088\u3046\u3067\u3059\u3002<\/p>\n\u305d\u30fc\u3059\u3092\u7247\u624b\u306b\u8aad\u3093\u3067\u307b\u3057\u3044\u306e\u3060\u3051\u3069<\/p>\n
\u3053\u308c\u304c<\/p>\n
unsigned char *p = &s->s3->rrec.data[0], *pl;\r\nunsigned int payload;\r\n\r\n1464\u00a0\u00a0\u00a0\u00a0 n2s(p, payload);\r\n1465\u00a0\u00a0\u00a0\u00a0 pl = p;<\/pre>\n\u3053\u308c\u3067\u3001\u3053\u308c\u306a\u3082\u3093\u3067\u3002<\/p>\n
1481\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 buffer = OPENSSL_malloc(1 + 2 + payload + padding);\r\n1482\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 bp = buffer;\r\n\r\n1486\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 s2n(payload, bp);\r\n1487\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 memcpy(bp, pl, payload);<\/pre>\n\u30b3\u30d4\u30fc\u3055\u308c\u3061\u3083\u3044\u307e\u3059\u3002\uff08memcpy\u306e\u3053\u3068\u306f\u5f8c\u306e\u65b9\u306b\u66f8\u3044\u3066\u307e\u3059\u3002\uff09
\npayload\u306e\u30c1\u30a7\u30c3\u30af\u304c\u306a\u3044\u72b6\u614b\u3067\u3057\u305f\u3002<\/p>\n\u305d\u3057\u3066\u4fee\u6b63\u3055\u308c\u305f\u3082\u306e\u306b\u306f\u3001payload\u3092\u30c1\u30a7\u30c3\u30af\u3059\u308b\u305f\u3081\u306eunsigned int write_length\u304c\u3067\u304d\u305f\u3088\u3046\u3067\u3059\u3002<\/p>\n
\u3053\u308c\u304c<\/p>\n
1471\u00a0\u00a0\u00a0\u00a0 n2s(p, payload);\r\n1472\u00a0\u00a0\u00a0\u00a0 if (1 + 2 + payload + 16 > s->s3->rrec.length)\r\n1473\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 return 0; \/* silently discard per RFC 6520 sec. 4 *\/\r\n1474\u00a0\u00a0\u00a0\u00a0 pl = p;<\/pre>\n\u3053\u308c\u3067\u3001\u3053\u308c\u306a\u3082\u3093\u3067\u3002<\/p>\n
1479\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 unsigned int write_length = 1 \/* heartbeat type *\/ +\r\n1480\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 2 \/* heartbeat length *\/ +\r\n1481\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 payload + padding;\r\n\r\n1491\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 buffer = OPENSSL_malloc(write_length);\r\n1492\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 bp = buffer;\r\n\r\n1486\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 s2n(payload, bp);\r\n1487\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 memcpy(bp, pl, payload);<\/pre>\n\u3053\u3053\u3060\u3051\u629c\u7c8b\u3057\u305f\u30d7\u30ed\u30b0\u30e9\u30e0\u306a\u3089\u540c\u3058\u521d\u7d1a\u8005\u3067\u3082\u5206\u304b\u308b\u3068\u601d\u3046\u3002
\nn2s\u306a\u3089\u3073\u306bs2n\u306f\u95a2\u6570\u5f62\u5f0f\u30de\u30af\u30ed\u3067\u30b3\u30d4\u30fc\u306e\u5b9a\u7fa9\u304c\u3055\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n\u5168\u4f53\u3067\u898b\u308b\u3068\u8a33\u304c\u308f\u304b\u308a\u307e\u305b\u3093\u306a\u3002\u3067\u3082\u305d\u3053\u306f\u4eca\u306f\u91cd\u8981\u3058\u3083\u306a\u3044\u3093\u3060\uff01\u3068\u8a00\u3044\u805e\u304b\u305b\u308b\u3002<\/p>\n
<\/p>\n
\u3093\u3067\u3001\u3055\u3063\u304d\u306epayload\u3092\u60aa\u7528\u3059\u308b\u3068\u3001\u30e1\u30e2\u30ea\u9818\u57df\u306e64k\u30d0\u30a4\u30c8\u3092\u30b3\u30d4\u30fc\u3067\u304d\u3061\u3083\u3046\u3068\u3044\u3046\u4e8b\u3089\u3057\u3044\u3002
\n\u3088\u3046\u306f\u76d7\u307e\u308c\u308b\u3068\u3044\u3046\u4e8b\u3060\u306d\u3002
\n\u3066\u3044\u3063\u3066\u308264k\uff5e(\u7b11)\u3001\u3063\u3066\u601d\u3046\u304b\u3082\u3057\u308c\u306a\u3044\u3051\u3069\u30011\u56de\u306764k<\/span>\u306a\u3093\u3067\u3001\u4f55\u56de\u3082\u3084\u308c\u3070\u3082\u3063\u3068\u591a\u3044\u306e\u3060\u3002<\/p>\n64\uff4b\u30d0\u30a4\u30c8\u3068\u3044\u3046\u3068\u3001\u30d5\u30a1\u30df\u30b3\u30f3\u306e\u30b9\u30fc\u30d1\u30fc\u30de\u30ea\u30aa\u30d6\u30e9\u30b6\u30fc\u30ba\u304c40k\u30d0\u30a4\u30c8\u3063\u3066\u306e\u3092\u57fa\u6e96\u306b\u3059\u308b\u3068\u308f\u308a\u3068\u3067\u304b\u3044\uff08\u3088\u3046\u306b\u611f\u3058\u308b\uff09\u306d\u3002<\/p>\n
memcpy\u3092\u5fd8\u308c\u3066\u305f\u306d\u3002<\/p>\n
\u540d\u524d\r\nmemcpy - \u30e1\u30e2\u30ea\u9818\u57df\u3092\u30b3\u30d4\u30fc\u3059\u308b\u3002 \r\n\r\n\u66f8\u5f0f\r\n\u3000\u3000\u3000#include <string.h<\/a>><\/b>\r\n\u3000\u3000\u3000void *memcpy(void *<\/b>dest<\/i>, const void *<\/b>src<\/i>, size_t <\/b>n<\/i>);\r\n\r\n<\/b>\u8aac\u660e\r\nmemcpy<\/b>() \u306f\u30e1\u30e2\u30ea\u9818\u57df src<\/i> \u306e\u5148\u982d n<\/i> \u30d0\u30a4\u30c8\u3092 \u30e1\u30e2\u30ea\u9818\u57df dest<\/i> \u306b\u30b3\u30d4\u30fc\u3059\u308b\u3002\r\n\u30b3\u30d4\u30fc\u5143\u306e\u9818\u57df\u3068 \u30b3\u30d4\u30fc\u5148\u306e\u9818\u57df\u304c\u91cd\u306a\u3063\u3066\u306f\u306a\u3089\u306a\u3044\u3002\u91cd\u306a\u3063\u3066\u3044\u308b\u5834\u5408\u306f memmove<\/a><\/b>(3)\r\n \u3092\u4f7f\u3046\u3053\u3068\u3002\r\n\r\n\u8fd4\u308a\u5024\r\nmemcpy<\/b>() \u306f dest<\/i> \u3078\u306e\u30dd\u30a4\u30f3\u30bf\u3092\u8fd4\u3059\u3002<\/pre>\n\u3068\u3044\u3046\u3053\u3068\u3067\u3059\u3002<\/p>\n
\u30cd\u30c3\u30c8\u30e6\u30fc\u30b6\u30fc\u306b\u3064\u3044\u3066\u306f\u554f\u984c\u306a\u3044\u304b\u3068\u601d\u3044\u304d\u3084\u3001\u60aa\u610f\u3092\u6301\u3063\u3066\u30b5\u30fc\u30d0\u30fc\u3092\u7528\u610f\u3057\u3066\u304a\u3044\u3066\u3001\u9006\u306b\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u304b\u3089\u306e\u30c7\u30fc\u30bf\u3082\u30b3\u30d4\u30fc\u3067\u304d\u3061\u3083\u3046\u3089\u3057\u3044\u3002<\/p>\n
<\/p>\n
\u3068\u3044\u3046\u4e8b\u3067\u3001\u6b21\u56de\u3082\u3053\u306e\u30cd\u30bf\u3067\u3044\u304d\u305f\u3044\u3068\u601d\u3044\u307e\u3059\u3002<\/p>\n
<\/p>\n