EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Range Check Error in TelHttpsClient

Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.
Posted: 12/02/2010 14:37:14
by David Keith (Basic support level)
Joined: 12/02/2010
Posts: 2

I'm trying to track down a range check error that occurs in the SBHTTPSClient procedure TElHTTPSClient.DoData(Sender: TObject; Buffer: pointer; Size: longint);

On line 1549 this code is executing when the error occurs:

SetLength(FBuffer, Length(FBuffer) - FContentStart);

At this point in the execution FBuffer (a ByteArray) has a length of -0- while FContentStart has a value of 624. Easy to see how this would produce a range check error. So I know how the error is occuring, but I don't know why it is occuring.

At the time of the error I've attempted to navigate to 'https://www.google.com' which redirects to 'https://encrypted.google.com'. Here's how I make the call:

procedure TForm1.FormCreate(Sender: TObject);
  FHttpsClient := TWellHttpsSBB.Create;

{ TWellHttpsSBB }

constructor TWellHttpsSBB.Create(MsgList,ReqList,RespList: THandle);
  inherited Create;

procedure TWellHttpsSBB.Initialize(const MsgList,ReqList,RespList: THandle);

procedure TWellHttpsSBB.CreateHTTPS;
  FHttps := TelHTTPSClient.Create(Nil);
  with FHttps do
    CipherSuites[SB_SUITE_RSA_RC4_SHA] := False;
    CipherSuites[SB_SUITE_DHE_RSA_AES256_SHA] := True;
    HTTPProxyPort := 3128;
    HTTPVersion := hvHTTP11;
    IncomingSpeedLimit := 0;
    LocalPort := 0;
    OnCertificateValidate := httpsClientCertificateValidate;
    OnData := httpsClientData;
//    OnDocumentBegin := httpsClientDocumentBegin;
    OnDocumentEnd := httpsClientDocumentEnd;
    OnError := httpsClientError;
    OnKeyNeeded := httpsClientKeyNeeded;
    OnPreparedHeaders := httpsClientPreparedHeaders;
    OnProgress := httpsClientProgress;
    OnReceivingHeaders := httpsClientReceivingHeaders;
    OnRedirection := httpsClientRedirection;
    OnSendData := httpsClientSendData;
    OutgoingSpeedLimit := 0;
    OutputStream := FContentStream;
    PreferKeepAlive := True;
    RequestParameters.Accept := 'text/html, */*,text/xml';
    RequestParameters.UserAgent := 'Mozilla/3.0 (compatible; SecureBlackBox)';
    RequestParameters.ContentLength := -1;
    RequestParameters.ContentType := 'text/xml';
    RequestParameters.ContentRangeStart := -1;
    RequestParameters.ContentRangeEnd := -1;
    SendBufferSize := 65535;
    SocksAuthentication := saNoAuthentication;
    SocketBinding.Port := 0;
    SocketBinding.PortRangeFrom := 0;
    SocketBinding.PortRangeTo := 0;
    SSLEnabled := True;
    UseDigestAuth := False;
    UseHTTPProxy := False;
    UseNTLMAuth := False;
    Versions := [sbSSL3];
    WebTunnelPort := 3128;

procedure TForm1.btnOpenClick(Sender: TObject);
  html: String;
  // get method
  html := FHttpsClient.Get(edit1.Text);

function TWellHttpsSBB.Get(const AUrl: String): String;
  amsg: msg;
    while FTotal > FCurrent do
    Result := FData.Text;

Here's some additional info on the exception from Eurekalog:
EurekaLog 6.0.24

2.1 Date : Thu, 2 Dec 2010 15:44:48 -0500
2.2 Address : 00409415
2.3 Module Name : HTTPSSBBTest.exe
2.4 Module Version:
2.5 Type : ERangeError
2.6 Message : Range check error.
2.7 ID : 580B
2.8 Count : 1
2.9 Status : New
2.10 Note :

Active Controls:
4.1 Form Class : TForm1
4.2 Form Text : HTTPS Tester - Secure Black Box 7.x
4.3 Control Class: TEdit
4.4 Control Text :

Operating System:
6.1 Type : Microsoft Windows XP
6.2 Build # : 2600
6.3 Update : Service Pack 3
6.4 Language: English
6.5 Charset : 0

Call Stack Information:
|Address |Module |Unit |Class |Procedure/Method |Line |
|Running Thread: ID=1944; Priority=0; Class=; [Main] |
|00687AF2|HTTPSSBBTest.exe|SBHTTPSClient.pas|TElHTTPSClient |DoData |1549[78] |
|0067D9EA|HTTPSSBBTest.exe|SBClient.pas |TElSecureClient|DoData |9327[2] |
|0067139B|HTTPSSBBTest.exe|SBClient.pas |TElSecureClient|SSL3ParseApplicationData|4718[1] |
|00671380|HTTPSSBBTest.exe|SBClient.pas |TElSecureClient|SSL3ParseApplicationData|4717[0] |
|006706D6|HTTPSSBBTest.exe|SBClient.pas |TElSecureClient|SSL3ParseOnRecordLayer |4321[60] |
|0067051C|HTTPSSBBTest.exe|SBClient.pas |TElSecureClient|SSL3ParseOnRecordLayer |4261[0] |
|00668FA5|HTTPSSBBTest.exe|SBClient.pas |TElSecureClient|AnalyzeBuffer |1589[126]|
|00668B84|HTTPSSBBTest.exe|SBClient.pas |TElSecureClient|AnalyzeBuffer |1463[0] |
|00669753|HTTPSSBBTest.exe|SBClient.pas |TElSecureClient|DataAvailable |1806[15] |
|006696B8|HTTPSSBBTest.exe|SBClient.pas |TElSecureClient|DataAvailable |1791[0] |
|0068CE46|HTTPSSBBTest.exe|SBHTTPSClient.pas|TElHTTPSClient |PerformExchange |3169[90] |
|0068CB18|HTTPSSBBTest.exe|SBHTTPSClient.pas|TElHTTPSClient |PerformExchange |3079[0] |
|0068AFBA|HTTPSSBBTest.exe|SBHTTPSClient.pas|TElHTTPSClient |PerformRequest |2614[41] |
|0068AE88|HTTPSSBBTest.exe|SBHTTPSClient.pas|TElHTTPSClient |PerformRequest |2573[0] |
|0068B0B2|HTTPSSBBTest.exe|SBHTTPSClient.pas|TElHTTPSClient |Get |2638[3] |
|0068B084|HTTPSSBBTest.exe|SBHTTPSClient.pas|TElHTTPSClient |Get |2635[0] |
|0068F487|HTTPSSBBTest.exe|WellHttpsSBB.pas |TWellHttpsSBB |Get |317[4] |
|0068F44C|HTTPSSBBTest.exe|WellHttpsSBB.pas |TWellHttpsSBB |Get |313[0] |
|006F4995|HTTPSSBBTest.exe|main.pas |TForm1 |btnOpenClick |112[15] |
|004FED49|HTTPSSBBTest.exe|Controls.pas |TControl |Click |7188[13] |
|004FECC4|HTTPSSBBTest.exe|Controls.pas |TControl |Click |7175[0] |
|004D8822|HTTPSSBBTest.exe|StdCtrls.pas |TCustomButton |Click |4516[3] |
|006F4ABD|HTTPSSBBTest.exe|main.pas |TForm1 |FormKeyUp |126[3] |
|00504AEA|HTTPSSBBTest.exe|Controls.pas |TWinControl |KeyUp |10861[1] |
|00504B4A|HTTPSSBBTest.exe|Controls.pas |TWinControl |DoKeyUp |10880[11]|
|00504B1F|HTTPSSBBTest.exe|Controls.pas |TWinControl |DoKeyUp |10872[3] |
|00504AF4|HTTPSSBBTest.exe|Controls.pas |TWinControl |DoKeyUp |10869[0] |
|00504B72|HTTPSSBBTest.exe|Controls.pas |TWinControl |WMKeyUp |10890[1] |
|004FE7C8|HTTPSSBBTest.exe|Controls.pas |TControl |WndProc |7068[91] |
|004FE4F4|HTTPSSBBTest.exe|Controls.pas |TControl |WndProc |6977[0] |
|005030B8|HTTPSSBBTest.exe|Controls.pas |TWinControl |WndProc |9834[144]|
|7E42B3FC|USER32.dll | | |CallNextHookEx | |
|00502758|HTTPSSBBTest.exe|Controls.pas |TWinControl |MainWndProc |9555[3] |
|7E418A0B|USER32.dll | | |DispatchMessageW | |
|7E418A01|USER32.dll | | |DispatchMessageW | |
|0052C9B9|HTTPSSBBTest.exe|Forms.pas |TApplication |ProcessMessage |9777[30] |
|0052C89C|HTTPSSBBTest.exe|Forms.pas |TApplication |ProcessMessage |9747[0] |
|0052C9FE|HTTPSSBBTest.exe|Forms.pas |TApplication |HandleMessage |9807[1] |
|0052C9F4|HTTPSSBBTest.exe|Forms.pas |TApplication |HandleMessage |9806[0] |
|0052CD46|HTTPSSBBTest.exe|Forms.pas |TApplication |Run |9950[32] |
|0052CC60|HTTPSSBBTest.exe|Forms.pas |TApplication |Run |9918[0] |
|006FF8AD|HTTPSSBBTest.exe|HTTPSSBBTest.dpr | | |14[4] |

Here's the code for my implementation of TelHttpsClient:

procedure TWellHttpsSBB.httpsClientCertificateValidate(Sender: TObject;
                                        X509Certificate: TElX509Certificate; var Validate: Boolean);
  Validate := True;

procedure TWellHttpsSBB.httpsClientData(Sender: TObject; Buffer: Pointer; Size: Integer);
  Bytes: ByteArray;
  SetLength(Bytes, Size);
  Move(Buffer^, Bytes[0], Size);

procedure TWellHttpsSBB.httpsClientDocumentBegin(Sender: TObject);
//  FDocumentBegin := 'Receiving Document';

procedure TWellHttpsSBB.httpsClientDocumentEnd(Sender: TObject);
  FDocumentEnd := 'Finished Receiving Document';

procedure TWellHttpsSBB.httpsClientError(Sender: TObject; ErrorCode: Integer; Fatal, Remote: Boolean);
  FError := IntToStr(ErrorCode);

procedure TWellHttpsSBB.httpsClientKeyNeeded(Sender: TObject; const Hint: string; var Identity: string; var Key: ByteArray);
  FKeyNeeded := 'Hint: ' + Hint + ' - Identity: ' + Identity;

procedure TWellHttpsSBB.httpsClientPreparedHeaders(Sender: TObject; Headers: TStringList);
  FPreparedHeaders := Headers.Text;

procedure TWellHttpsSBB.httpsClientProgress(Sender: TObject; Total, Current: Int64; var Cancel: Boolean);
  FTotal := Total;
  FCurrent := Current;
  FProgress := 'Current: ' + IntToStr(Current) + ' - Total: ' + IntToStr(Total);

procedure TWellHttpsSBB.httpsClientReceivingHeaders(Sender: TObject; Headers: TStringList);
  FReceivingHeaders := Headers.Text;

procedure TWellHttpsSBB.httpsClientRedirection(Sender: TObject; OldURL, NewURL: string; var AllowRedirection: boolean);
  AllowRedirection := True;
  FData.Text := Self.Get(NewURL);

procedure TWellHttpsSBB.httpsClientSendData(Sender: TObject; Buffer: Pointer; Size: Integer);
  Bytes: ByteArray;
  SetLength(Bytes, Size);
  Move(Buffer^, Bytes[0], Size);
  FSendData := StringOfBytes(Bytes);

Also if I attempt to navigate to 'https://greatlandtech.net/pronto' a redirection is forced to 'https://greatlandtech.net/pronto/' (note the trailing slash) the application hangs.

Can you please help me determine if I'm doing something wrong or if I have found a bug in the SBB codebase?


David Keith
Posted: 12/02/2010 14:58:00
by Eugene Mayevski (EldoS Corp.)

Quick question: have you enabled range checking? SecureBlackbox won't work with range checking enabled - there are places in code where range check will give false alarms. Range checks are disabled in SecureBlackbox source code, but if you somehow re-enable them (I can only guess how they got enabled in HTTP client), you'll get exceptions.

Sincerely yours
Eugene Mayevski
Posted: 12/02/2010 15:08:48
by Eugene Mayevski (EldoS Corp.)

OK, I've done some quick tests. Google redirection works just fine. Your second URL doesn't work at all (connection fails, both in the test and in Firefox) so I couldn't test it. I suspect your "hanging" is an attempt to connect the host which is down and if SocketTimeout is 0 (wait infinitely), the component just waits (and will wait for 2 hours before winsock closes the socket and reports error).
Posted: 12/02/2010 15:27:57
by David Keith (Basic support level)
Joined: 12/02/2010
Posts: 2

Answer to question #1: Range checking is turned off, Delphi 2010 {$R-}.

Response to #2:

I forgot I have IP verification/ACL stuff going on, so you wouldn't be able to access the second site from where you are.

Hmm... no problem with redirection to https://www.google.com... I'm sure it has something to do with redirection, since both sites involve redirection.

Curious that even if I explicitly turn off range checking ({$R-}) I still get range check errors. Did you see anything in my code that would create an issue for redirection??


David Keith
Posted: 12/02/2010 15:53:37
by Eugene Mayevski (EldoS Corp.)

I am wondering how range checks could be performed at all with range checking disabled.

Please try using a sample project (found in \Samples\Delphi\HTTPBlackbox\Client folder) against your URLs and see what result it produces. If the sample works, then you need to look into your code.

Also please specify what version of Delphi you are using and what exactly version of SecureBlackbox you installed (the easiest is to check changes.txt file installed to SecureBlackbox folder).

Sincerely yours
Eugene Mayevski
Posted: 12/02/2010 16:04:47
by Eugene Mayevski (EldoS Corp.)

I am moving this topic to HelpDesk because it looks like some non-technical issues must be addressed.

Sincerely yours
Eugene Mayevski
Also by EldoS: BizCrypto
Components for BizTalk® and SQL Server® Integration Services that let you securely store and transfer information in your business automation solutions.



Topic viewed 2411 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!