Re: Fix for Zope segfault on amd64

To: per.bojsen@bojsen.us
Cc: tab@snarc.org, 279323@bugs.debian.org, debian-amd64@lists.debian.org
Subject: Re: Fix for Zope segfault on amd64
From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
Date: Sun, 23 Jan 2005 07:57:57 +0100
Message-id: <[🔎] 87k6q4d43u.fsf@informatik.uni-tuebingen.de>
In-reply-to: <[🔎] 200501230548.j0N5mpro029160@tirith.bojsen.us> (Per Bojsen's message of "Sun, 23 Jan 2005 00:48:51 -0500")
References: <[🔎] 200501220700.j0M70Hf8002780@tirith.bojsen.us> <[🔎] 878y6leg4m.fsf@informatik.uni-tuebingen.de> <[🔎] 200501221449.j0MEnoiY015378@tirith.bojsen.us> <[🔎] 20050122150031.GA5480@snarc.org> <[🔎] 200501222109.j0ML9fFs021669@tirith.bojsen.us> <[🔎] 20050122232001.GA9322@snarc.org> <[🔎] 200501230548.j0N5mpro029160@tirith.bojsen.us>

Per Bojsen <per.bojsen@comcast.net> writes:

> *** Regarding Re: Fix for Zope segfault on amd64; Vincent Hanquez
>     <tab@snarc.org> adds:
>
> Vincent> Please be specific then. point one architecture that zope
> Vincent> support which did not fulfill this requirement.
>
> There are versions of UNIX where gid_t is an unsigned short.  Whether
> those are among the ones supported by Zope, I do not know, but that's
> not the point.  Even if gid_t is always 32 bit you can still get in
> trouble because int may be bigger on some platform, e.g., 64 bit.  I
> think it is foolish to assume int is always 32 bit when writing
> portable code.  Your proposed fix makes the assumption that
> sizeof(gid_t) == sizeof(int).  If that isn't true, the code with your
> fix will segfault or produce incorrect result on big endian
> architectures.

If you are concerned about this then add a check to configure to test
"sizeof(gid_t) == sizeof(int)" or even better add a test to "#define
GID_FORMAT %si" (or whatever appropriate on that arch).

> Vincent> you cannot assume either that long should be big enough to
> Vincent> support a gid_t (even if this likely to be the case for
> Vincent> multiple decade and maybe forever...)  Then what about using
> Vincent> long long to be sure ? or long long long ? see my point ?
>
> Right, that is a concern.  However, my code will not segfault even if
> gid_t is a bigger type than long because I declared the gid variable
> long.  It is just not safe to pass a pointer to gid_t to
> PyArg_ParseTuple().  If you use the i format specifier you should pass
> a pointer to int.  If you use l, pass a pointer to long.  Then do the
> conversion to the actual type you wanted after PyArg_ParseTuple() has
> returned.

If gid_t is 64bit but long is 32bit (Windows for amd64 has 32bit
longs) then the code will not segfault but misbehave anyway. It still
wouldn't work right.

The only sane way is to use a gid_t and ensure the format string
matches. Also, if the PyArg_ParseTuple() function is declared right,
gcc should be able to warn about mismatches between the format and
size of the gid_t. It does with printf.

MfG
        Goswin

Reply to:

References:
- Fix for Zope segfault on amd64
  - From: Per Bojsen <per.bojsen@comcast.net>
- Re: Fix for Zope segfault on amd64
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
- Re: Fix for Zope segfault on amd64
  - From: Per Bojsen <per.bojsen@comcast.net>
- Re: Fix for Zope segfault on amd64
  - From: Vincent Hanquez <tab@snarc.org>
- Re: Fix for Zope segfault on amd64
  - From: Per Bojsen <per.bojsen@comcast.net>
- Re: Fix for Zope segfault on amd64
  - From: Vincent Hanquez <tab@snarc.org>
- Re: Fix for Zope segfault on amd64
  - From: Per Bojsen <per.bojsen@comcast.net>

Prev by Date: Re: Fix for Zope segfault on amd64
Next by Date: gcc-3.4: mozilla-thunderbird-enigmail
Previous by thread: Re: Fix for Zope segfault on amd64
Next by thread: Re: Bug#279323: Fix for Zope segfault on amd64
Index(es):
- Date
- Thread