Path: utzoo!utgpu!news-server.csri.toronto.edu!mailrus!uunet!auspex!guy
From: guy@auspex.auspex.com (Guy Harris)
Newsgroups: comp.sources.bugs
Subject: Re: pac - core dumps and oddities (with fixes)
Message-ID: <3875@auspex.auspex.com>
Date: 11 Aug 90 01:40:22 GMT
References: <1990Aug6.172508.6109@warwick.ac.uk> <3839@auspex.auspex.com> <1990Aug8.165708.11914@warwick.ac.uk>
Organization: Auspex Systems, Santa Clara
Lines: 52

>Ugh, "if in doubt, read the instructions ...". I'm confused then, because it
>certainly breaks on our Sun3/SunOS 4.0.3 systems, whereas it works on our
>Sun4/SunOS 4.0.3 and Sun4/SunOS 4.1 systems (with both gcc and cc).

Well, "seems to work, or at least didn't obviously blow up", or maybe "lucked into working", is the more correct phrase, rather than "works". There's a buffer in "pac" that's one byte (at least) too small, so some poor innocent variable gets stomped. In the Sun-3 case, it happened, by a bad stroke of luck, to be "_pfast", which is a variable internal to "curses"; this caused it to get quite confused. It was something else in the Sun-4 binary; smashing that may have been harmless, or may not have. It might be something else yet again on another system....

The moral of the story: "array bounds checking can be your friend". We had Saber-C here at one point, but I don't know if we still have it; running this puppy under Saber might well have found this bug.

(The other moral of the story: "Remember, an N-character string in C takes up N+1 bytes....")

>>Nope. Instant core dump with those compilers - ANSI or non-ANSI - that
>>put constant strings into read-only portions of the address space.
>
>Yes, okay, I admit it, I was exaggerating and knew it. I just think it's a
>bad idea to write into string constants when it's invariably as easy to use
>initialised arrays, and it does blow up with some compilers with some options.
I think it's a bad idea too, but if somebody's in a hurry to get something working, some ANSI compilers that normally put strings in read-only memory can be coaxed into not doing so....

In any case, here's the fix:

*** defs.h.dist Fri Aug 10 10:17:47 1990 --- defs.h Fri Aug 10 18:19:17 1990 *************** *** 193,199 **** char Rebuf[PIPEMAX]; /* work buffers */ char Tmpbuf[PIPEMAX]; char Mop[PIPEMAX]; ! char Uwin_copy[(UBOT - UTOP + 1) * (URIGHT - ULEFT + 1)]; int Context = INIT; /* initial status values */ int Justify = JUS_DFLT; --- 193,199 ---- char Rebuf[PIPEMAX]; /* work buffers */ char Tmpbuf[PIPEMAX]; char Mop[PIPEMAX]; ! char Uwin_copy[(UBOT - UTOP + 1) * (URIGHT - ULEFT + 1) + 1]; int Context = INIT; /* initial status values */ int Justify = JUS_DFLT;
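Review bot: The `+ 1` on the changed line `! char Uwin_copy[(UBOT - UTOP + 1) * (URIGHT - ULEFT + 1) + 1];` has no comment saying what the extra byte is for, so the next person tidying defs.h can easily "simplify" it back to the undersized declaration that stomped `_pfast`. Suggest recording the reason on the line, e.g. `/* +1: terminating NUL */`, or defining the window size once (`#define UWIN_SIZE ((UBOT - UTOP + 1) * (URIGHT - ULEFT + 1))`) and declaring `Uwin_copy[UWIN_SIZE + 1]`, so the width and the terminator are visibly separate terms. The hunk only grows the array; whatever code fills `Uwin_copy` still writes without a bound, so it would be worth checking in the same change that the copy cannot exceed `sizeof Uwin_copy` if the window geometry is ever revised.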
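As an added illustration of the "N-character string takes N+1 bytes" point and of the Uwin_copy sizing in the patch above, here is a small C program that is not part of pac or of this posting. It assumes constructed window bounds (UTOP, UBOT, ULEFT, URIGHT are made-up values standing in for pac's own, which are not shown here) and uses a copy routine that checks the destination capacity and refuses rather than overrunning by one byte, which is what a bounds-checking tool like the Saber-C mentioned above would have flagged.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed window geometry standing in for pac's UTOP/UBOT/ULEFT/URIGHT
 * (assumed values; pac's own definitions are not on the page). */
#define UTOP    0
#define UBOT    3
#define ULEFT   0
#define URIGHT  9
#define UROWS   (UBOT - UTOP + 1)       /* 4 rows */
#define UCOLS   (URIGHT - ULEFT + 1)    /* 10 columns */

/* Bytes needed to hold a rows*cols character image as a C string:
 * one byte per cell plus the terminating NUL (N chars need N+1 bytes). */
size_t window_string_bytes(int rows, int cols)
{
    return (size_t)rows * (size_t)cols + 1;
}

/* Copy a rows*cols grid (row-major, not NUL-terminated) into dst as a
 * C string. Returns the number of characters copied, or -1 when dst is
 * too small for the image plus its terminator. Refusing is the point:
 * a silent one-byte overrun is what clobbered the neighbouring variable
 * (_pfast) in the Sun-3 binary described above. */
int copy_window(const char *grid, int rows, int cols, char *dst, size_t cap)
{
    size_t need = window_string_bytes(rows, cols);
    if (cap < need)
        return -1;
    memcpy(dst, grid, need - 1);
    dst[need - 1] = '\0';
    return (int)(need - 1);
}

/* The two declarations from the defs.h patch, side by side. */
struct before { char uwin_copy[UROWS * UCOLS]; };        /* too small */
struct after  { char uwin_copy[UROWS * UCOLS + 1]; };    /* room for NUL */

/* Fill a window image with 'x' and try to snapshot it into the old buffer.
 * Returns -1: the bounded copy refuses the undersized array. */
int demo_before(void)
{
    struct before b;
    char grid[UROWS * UCOLS];
    memset(grid, 'x', sizeof grid);
    return copy_window(grid, UROWS, UCOLS, b.uwin_copy, sizeof b.uwin_copy);
}

/* Same snapshot into the patched buffer. Returns strlen() of the copied
 * string on success (UROWS*UCOLS), or -1 if refused. */
int demo_after(void)
{
    struct after a;
    char grid[UROWS * UCOLS];
    memset(grid, 'x', sizeof grid);
    if (copy_window(grid, UROWS, UCOLS, a.uwin_copy, sizeof a.uwin_copy) < 0)
        return -1;
    return (int)strlen(a.uwin_copy);
}

/* Probe: copy a 2x2 image into an 8-byte buffer while claiming only
 * 'cap' bytes of room (cap must be <= 8). Shows the exact boundary:
 * cap 4 is refused, cap 5 succeeds. */
int copy_probe(size_t cap)
{
    char buf[8];
    if (cap > sizeof buf)
        return -1;
    return copy_window("abcd", 2, 2, buf, cap);
}

int main(void)
{
    printf("bytes needed for %dx%d window: %zu\n",
           UROWS, UCOLS, window_string_bytes(UROWS, UCOLS));
    printf("copy into original Uwin_copy size: %d\n", demo_before());
    printf("copy into patched Uwin_copy size:  %d\n", demo_after());
    printf("2x2 image, cap 4: %d; cap 5: %d\n", copy_probe(4), copy_probe(5));
    return 0;
}
```

The design choice worth noting is that the copy routine takes the destination capacity as an argument and returns an error instead of truncating or overrunning; with the original `Uwin_copy` declaration the failure then shows up at the call site rather than as corruption of whatever variable the linker happened to place next.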