
Re: libc6 bug? or C programming error?



On Wed, 2003-12-03 at 01:05, Steve Greenland wrote:
> >   sprintf(buf, "Failed to open %s for writing", filename);
>     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> 
> Where did you make 'buf' point to any usable memory? Everything after
> this is bogus...

You are right that that was not initialised.  Presumably it was
overwriting the program's own memory space, since it did not cause an
error.  (That comes of too much, or too little, cut-and-paste.)  But
fixing that does not fix the error.

Later, buf was set to 0 and then initialised, supposedly, by the mmap()
call:

  if ((int)(buf = (char *) mmap(buf, ((c / getpagesize()) + 2) * getpagesize(),
                  PROT_NONE, MAP_SHARED, fileno(ucf), 0)) == -1) {
    perror("Could not map user_clusters");
    exit(LOC_ERR_READ_FAIL);
  }

I think I need to reread those manpages.  I ran the program through
valgrind and it confirms that curpos is pointing to unallocated memory.

> >   for (curpos = buf; curpos != '\0' && !found; curpos += c) {
>                        ^^^^^^^^^^^^^^
> 
> And this is almost certainly not what you want; assuming you're looking
> for the end of a NUL terminated string, the expression you are looking for
> is  "*curpos != '\0'".

Thanks for catching that one, too!


Anyway, this confirms that it is not a bug in strchr().

-- 
Oliver Elphick                                Oliver.Elphick@lfix.co.uk
Isle of Wight, UK                             http://www.lfix.co.uk/oliver
GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839  932A 614D 4C34 3E1D 0C1C
                 ========================================
     "What shall we then say to these things? If God be for 
      us, who can be against us?"              Romans 8:31 
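
Added example (not part of the original message or the poster's program): one way to map a file of fixed-size records and walk it, covering the points raised above: a readable mapping instead of PROT_NONE, comparison against MAP_FAILED instead of an (int) cast, and testing *curpos within the mapped length. The names find_record, reclen and key, and the record layout, are assumptions made for this example.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper for this example: returns the index of the first
 * reclen-byte record that starts with key, -1 if none, -2 on failure. */
long find_record(const char *path, size_t reclen, const char *key)
{
    struct stat st;
    size_t keylen = strlen(key);
    long hit = -1, idx = 0;
    int fd = open(path, O_RDONLY);

    if (fd == -1)
        return -2;
    if (reclen == 0 || keylen > reclen || fstat(fd, &st) == -1) {
        close(fd);
        return -2;
    }
    if (st.st_size == 0) {          /* mmap() rejects a zero length */
        close(fd);
        return -1;
    }
    size_t len = (size_t)st.st_size;

    /* PROT_READ, not PROT_NONE: PROT_NONE pages fault on every access. */
    char *buf = mmap(NULL, len, PROT_READ, MAP_SHARED, fd, 0);
    close(fd);                      /* the mapping outlives the descriptor */
    /* Compare with MAP_FAILED; an (int) cast truncates 64-bit pointers. */
    if (buf == MAP_FAILED)
        return -2;

    /* Bound the walk by the file length, and test the byte (*curpos),
     * not the pointer value, for the '\0' terminator. */
    const char *end = buf + len;
    for (const char *curpos = buf;
         (size_t)(end - curpos) >= reclen && *curpos != '\0';
         curpos += reclen, idx++) {
        if (memcmp(curpos, key, keylen) == 0) {
            hit = idx;
            break;
        }
    }
    munmap(buf, len);
    return hit;
}
```

A mapped file is not NUL-terminated in general, so the length check is what stops the walk; the '\0' test only ends it early at an empty record.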


