EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Range Check Error in TelHttpsClient

Also by EldoS: RawDisk
Access locked and protected files in Windows, read and write disks and partitions and more.
#15188
Posted: 12/02/2010 14:37:14
by David Keith (Basic support level)
Joined: 12/02/2010
Posts: 2

I'm trying to track down a range check error that occurs in the SBHTTPSClient procedure TElHTTPSClient.DoData(Sender: TObject; Buffer: pointer; Size: longint);

On line 1549 this code is executing when the error occurs:

SetLength(FBuffer, Length(FBuffer) - FContentStart);

At this point in the execution FBuffer (a ByteArray) has a length of -0- while FContentStart has a value of 624. Easy to see how this would produce a range check error. So I know how the error is occuring, but I don't know why it is occuring.

At the time of the error I've attempted to navigate to 'https://www.google.com' which redirects to 'https://encrypted.google.com'. Here's how I make the call:

Code
procedure TForm1.FormCreate(Sender: TObject);
begin
  FHttpsClient := TWellHttpsSBB.Create;
end;


{ TWellHttpsSBB }

constructor TWellHttpsSBB.Create(MsgList,ReqList,RespList: THandle);
begin
  inherited Create;
  Initialize;
end;

procedure TWellHttpsSBB.Initialize(const MsgList,ReqList,RespList: THandle);
begin
  CreateHTTPS;
end;

procedure TWellHttpsSBB.CreateHTTPS;
begin
  FHttps := TelHTTPSClient.Create(Nil);
  with FHttps do
  begin
    CipherSuites[SB_SUITE_RSA_RC4_SHA] := False;
    CipherSuites[SB_SUITE_DHE_RSA_AES256_SHA] := True;
    HTTPProxyPort := 3128;
    HTTPVersion := hvHTTP11;
    IncomingSpeedLimit := 0;
    LocalPort := 0;
    OnCertificateValidate := httpsClientCertificateValidate;
    OnData := httpsClientData;
//    OnDocumentBegin := httpsClientDocumentBegin;
    OnDocumentEnd := httpsClientDocumentEnd;
    OnError := httpsClientError;
    OnKeyNeeded := httpsClientKeyNeeded;
    OnPreparedHeaders := httpsClientPreparedHeaders;
    OnProgress := httpsClientProgress;
    OnReceivingHeaders := httpsClientReceivingHeaders;
    OnRedirection := httpsClientRedirection;
    OnSendData := httpsClientSendData;
    OutgoingSpeedLimit := 0;
    OutputStream := FContentStream;
    PreferKeepAlive := True;
    RequestParameters.Accept := 'text/html, */*,text/xml';
    RequestParameters.UserAgent := 'Mozilla/3.0 (compatible; SecureBlackBox)';
    RequestParameters.ContentLength := -1;
    RequestParameters.ContentType := 'text/xml';
    RequestParameters.ContentRangeStart := -1;
    RequestParameters.ContentRangeEnd := -1;
    SendBufferSize := 65535;
    SocksAuthentication := saNoAuthentication;
    SocketBinding.Port := 0;
    SocketBinding.PortRangeFrom := 0;
    SocketBinding.PortRangeTo := 0;
    SSLEnabled := True;
    UseDigestAuth := False;
    UseHTTPProxy := False;
    UseNTLMAuth := False;
    Versions := [sbSSL3];
    WebTunnelPort := 3128;
  end;
end;

procedure TForm1.btnOpenClick(Sender: TObject);
var
  html: String;
begin
  // get method
  html := FHttpsClient.Get(edit1.Text);
end;

function TWellHttpsSBB.Get(const AUrl: String): String;
var
  amsg: msg;
begin
  try
    FData.Clear;
    FHttps.Get(AURL);
    while FTotal > FCurrent do
      PostMessage(0,amsg.message,0,0);
  finally
    Result := FData.Text;
  end;
end;







Here's some additional info on the exception from Eurekalog:
EurekaLog 6.0.24

Exception:
----------------------------------------------------
2.1 Date : Thu, 2 Dec 2010 15:44:48 -0500
2.2 Address : 00409415
2.3 Module Name : HTTPSSBBTest.exe
2.4 Module Version:
2.5 Type : ERangeError
2.6 Message : Range check error.
2.7 ID : 580B
2.8 Count : 1
2.9 Status : New
2.10 Note :


Active Controls:
--------------------------------------------------------
4.1 Form Class : TForm1
4.2 Form Text : HTTPS Tester - Secure Black Box 7.x
4.3 Control Class: TEdit
4.4 Control Text :

Operating System:
------------------------------------
6.1 Type : Microsoft Windows XP
6.2 Build # : 2600
6.3 Update : Service Pack 3
6.4 Language: English
6.5 Charset : 0

Call Stack Information:
------------------------------------------------------------------------------------------------
|Address |Module |Unit |Class |Procedure/Method |Line |
------------------------------------------------------------------------------------------------
|Running Thread: ID=1944; Priority=0; Class=; [Main] |
|----------------------------------------------------------------------------------------------|
|00687AF2|HTTPSSBBTest.exe|SBHTTPSClient.pas|TElHTTPSClient |DoData |1549[78] |
|0067D9EA|HTTPSSBBTest.exe|SBClient.pas |TElSecureClient|DoData |9327[2] |
|0067139B|HTTPSSBBTest.exe|SBClient.pas |TElSecureClient|SSL3ParseApplicationData|4718[1] |
|00671380|HTTPSSBBTest.exe|SBClient.pas |TElSecureClient|SSL3ParseApplicationData|4717[0] |
|006706D6|HTTPSSBBTest.exe|SBClient.pas |TElSecureClient|SSL3ParseOnRecordLayer |4321[60] |
|0067051C|HTTPSSBBTest.exe|SBClient.pas |TElSecureClient|SSL3ParseOnRecordLayer |4261[0] |
|00668FA5|HTTPSSBBTest.exe|SBClient.pas |TElSecureClient|AnalyzeBuffer |1589[126]|
|00668B84|HTTPSSBBTest.exe|SBClient.pas |TElSecureClient|AnalyzeBuffer |1463[0] |
|00669753|HTTPSSBBTest.exe|SBClient.pas |TElSecureClient|DataAvailable |1806[15] |
|006696B8|HTTPSSBBTest.exe|SBClient.pas |TElSecureClient|DataAvailable |1791[0] |
|0068CE46|HTTPSSBBTest.exe|SBHTTPSClient.pas|TElHTTPSClient |PerformExchange |3169[90] |
|0068CB18|HTTPSSBBTest.exe|SBHTTPSClient.pas|TElHTTPSClient |PerformExchange |3079[0] |
|0068AFBA|HTTPSSBBTest.exe|SBHTTPSClient.pas|TElHTTPSClient |PerformRequest |2614[41] |
|0068AE88|HTTPSSBBTest.exe|SBHTTPSClient.pas|TElHTTPSClient |PerformRequest |2573[0] |
|0068B0B2|HTTPSSBBTest.exe|SBHTTPSClient.pas|TElHTTPSClient |Get |2638[3] |
|0068B084|HTTPSSBBTest.exe|SBHTTPSClient.pas|TElHTTPSClient |Get |2635[0] |
|0068F487|HTTPSSBBTest.exe|WellHttpsSBB.pas |TWellHttpsSBB |Get |317[4] |
|0068F44C|HTTPSSBBTest.exe|WellHttpsSBB.pas |TWellHttpsSBB |Get |313[0] |
|006F4995|HTTPSSBBTest.exe|main.pas |TForm1 |btnOpenClick |112[15] |
|004FED49|HTTPSSBBTest.exe|Controls.pas |TControl |Click |7188[13] |
|004FECC4|HTTPSSBBTest.exe|Controls.pas |TControl |Click |7175[0] |
|004D8822|HTTPSSBBTest.exe|StdCtrls.pas |TCustomButton |Click |4516[3] |
|006F4ABD|HTTPSSBBTest.exe|main.pas |TForm1 |FormKeyUp |126[3] |
|00504AEA|HTTPSSBBTest.exe|Controls.pas |TWinControl |KeyUp |10861[1] |
|00504B4A|HTTPSSBBTest.exe|Controls.pas |TWinControl |DoKeyUp |10880[11]|
|00504B1F|HTTPSSBBTest.exe|Controls.pas |TWinControl |DoKeyUp |10872[3] |
|00504AF4|HTTPSSBBTest.exe|Controls.pas |TWinControl |DoKeyUp |10869[0] |
|00504B72|HTTPSSBBTest.exe|Controls.pas |TWinControl |WMKeyUp |10890[1] |
|004FE7C8|HTTPSSBBTest.exe|Controls.pas |TControl |WndProc |7068[91] |
|004FE4F4|HTTPSSBBTest.exe|Controls.pas |TControl |WndProc |6977[0] |
|005030B8|HTTPSSBBTest.exe|Controls.pas |TWinControl |WndProc |9834[144]|
|7E42B3FC|USER32.dll | | |CallNextHookEx | |
|00502758|HTTPSSBBTest.exe|Controls.pas |TWinControl |MainWndProc |9555[3] |
|7E418A0B|USER32.dll | | |DispatchMessageW | |
|7E418A01|USER32.dll | | |DispatchMessageW | |
|0052C9B9|HTTPSSBBTest.exe|Forms.pas |TApplication |ProcessMessage |9777[30] |
|0052C89C|HTTPSSBBTest.exe|Forms.pas |TApplication |ProcessMessage |9747[0] |
|0052C9FE|HTTPSSBBTest.exe|Forms.pas |TApplication |HandleMessage |9807[1] |
|0052C9F4|HTTPSSBBTest.exe|Forms.pas |TApplication |HandleMessage |9806[0] |
|0052CD46|HTTPSSBBTest.exe|Forms.pas |TApplication |Run |9950[32] |
|0052CC60|HTTPSSBBTest.exe|Forms.pas |TApplication |Run |9918[0] |
|006FF8AD|HTTPSSBBTest.exe|HTTPSSBBTest.dpr | | |14[4] |
------------------------------------------------------------------------------------------------





Here's the code for my implementation of TelHttpsClient:


Code
procedure TWellHttpsSBB.httpsClientCertificateValidate(Sender: TObject;
                                        X509Certificate: TElX509Certificate; var Validate: Boolean);
begin
  Validate := True;
end;

procedure TWellHttpsSBB.httpsClientData(Sender: TObject; Buffer: Pointer; Size: Integer);
var
  Bytes: ByteArray;
begin
  SetLength(Bytes, Size);
  Move(Buffer^, Bytes[0], Size);
  FData.Add(StringOfBytes(Bytes));
end;

procedure TWellHttpsSBB.httpsClientDocumentBegin(Sender: TObject);
begin
//  FDocumentBegin := 'Receiving Document';
end;

procedure TWellHttpsSBB.httpsClientDocumentEnd(Sender: TObject);
begin
  FDocumentEnd := 'Finished Receiving Document';
end;

procedure TWellHttpsSBB.httpsClientError(Sender: TObject; ErrorCode: Integer; Fatal, Remote: Boolean);
begin
  FError := IntToStr(ErrorCode);
end;

procedure TWellHttpsSBB.httpsClientKeyNeeded(Sender: TObject; const Hint: string; var Identity: string; var Key: ByteArray);
begin
  FKeyNeeded := 'Hint: ' + Hint + ' - Identity: ' + Identity;
end;

procedure TWellHttpsSBB.httpsClientPreparedHeaders(Sender: TObject; Headers: TStringList);
begin
  FPreparedHeaders := Headers.Text;
end;

procedure TWellHttpsSBB.httpsClientProgress(Sender: TObject; Total, Current: Int64; var Cancel: Boolean);
begin
  FTotal := Total;
  FCurrent := Current;
  FProgress := 'Current: ' + IntToStr(Current) + ' - Total: ' + IntToStr(Total);
end;

procedure TWellHttpsSBB.httpsClientReceivingHeaders(Sender: TObject; Headers: TStringList);
begin
  FReceivingHeaders := Headers.Text;
end;

procedure TWellHttpsSBB.httpsClientRedirection(Sender: TObject; OldURL, NewURL: string; var AllowRedirection: boolean);
begin
  AllowRedirection := True;
  FData.Text := Self.Get(NewURL);
end;

procedure TWellHttpsSBB.httpsClientSendData(Sender: TObject; Buffer: Pointer; Size: Integer);
var
  Bytes: ByteArray;
begin
  SetLength(Bytes, Size);
  Move(Buffer^, Bytes[0], Size);
  FSendData := StringOfBytes(Bytes);
end;





Also if I attempt to navigate to 'https://greatlandtech.net/pronto' a redirection is forced to 'https://greatlandtech.net/pronto/' (note the trailing slash) the application hangs.

Can you please help me determine if I'm doing something wrong or if I have found a bug in the SBB codebase?

Thanks.

David Keith
#15189
Posted: 12/02/2010 14:58:00
by Eugene Mayevski (EldoS Corp.)

Quick question: have you enabled range checking? SecureBlackbox won't work with range checking enabled - there are places in code where range check will give false alarms. Range checks are disabled in SecureBlackbox source code, but if you somehow re-enable them (I can only guess how they got enabled in HTTP client), you'll get exceptions.


Sincerely yours
Eugene Mayevski
#15190
Posted: 12/02/2010 15:08:48
by Eugene Mayevski (EldoS Corp.)

OK, I've done some quick tests. Google redirection works just fine. Your second URL doesn't work at all (connection fails, both in the test and in Firefox) so I couldn't test it. I suspect your "hanging" is an attempt to connect the host which is down and if SocketTimeout is 0 (wait infinitely), the component just waits (and will wait for 2 hours before winsock closes the socket and reports error).
#15191
Posted: 12/02/2010 15:27:57
by David Keith (Basic support level)
Joined: 12/02/2010
Posts: 2

Answer to question #1: Range checking is turned off, Delphi 2010 {$R-}.

Response to #2:

I forgot I have IP verification/ACL stuff going on, so you wouldn't be able to access the second site from where you are.

Hmm... no problem with redirection to https://www.google.com... I'm sure it has something to do with redirection, since both sites involve redirection.

Curious that even if I explicitly turn off range checking ({$R-}) I still get range check errors. Did you see anything in my code that would create an issue for redirection??

Thanks.

David Keith
#15192
Posted: 12/02/2010 15:53:37
by Eugene Mayevski (EldoS Corp.)

I am wondering how range checks could be performed at all with range checking disabled.

Please try using a sample project (found in \Samples\Delphi\HTTPBlackbox\Client folder) against your URLs and see what result it produces. If the sample works, then you need to look into your code.

Also please specify what version of Delphi you are using and what exactly version of SecureBlackbox you installed (the easiest is to check changes.txt file installed to SecureBlackbox folder).


Sincerely yours
Eugene Mayevski
#15193
Posted: 12/02/2010 16:04:47
by Eugene Mayevski (EldoS Corp.)

I am moving this topic to HelpDesk because it looks like some non-technical issues must be addressed.


Sincerely yours
Eugene Mayevski
Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.

Reply

Statistics

Topic viewed 2368 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!