stdcxx-dev mailing list archives

From "Travis Vitek (JIRA)" <j...@apache.org>
Subject [jira] Updated: (STDCXX-593) purify reports array bounds write error from rw_locales in 22.locale.cons.stdcxx-485 test
Date Fri, 12 Oct 2007 22:54:50 GMT

     [ https://issues.apache.org/jira/browse/STDCXX-593?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Travis Vitek updated STDCXX-593:
--------------------------------

    Attachment: stdcxx-593.patch

There is a little cleanup in this patch, but IMO it makes the code a lot simpler.

The last note about the memory block type mismatch would only occur if the buffer had to grow
to accommodate the locale string. Normally this doesn't happen on Windows because the rw_system
call to the locale utility fails. I found the problem because I plugged in some test code
to generate the locale list using the locales in etc/config/src/locale_list.h. I kept getting
heap errors saying the block type was not right.

2007-10-12  Travis Vitek  <vitek@roguewave.com>

	STDCXX-593
	* locale.cpp (rw_locale): Update used array size to avoid
	writing past the end of the allocated buffer.  Use a growth
	constant variable to avoid writing the same value in many
	places. Use precalculated name length instead of calling
	strlen() repeatedly.
	[_WIN32]: Hide _malloc_dbg and _free_dbg behind macros
	to clean up multiple conditional blocks and to avoid memory
	block type mismatch.

> purify reports array bounds write error from rw_locales in 22.locale.cons.stdcxx-485 test
> -----------------------------------------------------------------------------------------
>
>                 Key: STDCXX-593
>                 URL: https://issues.apache.org/jira/browse/STDCXX-593
>             Project: C++ Standard Library
>          Issue Type: Improvement
>          Components: Test Driver
>            Reporter: Travis Vitek
>            Priority: Minor
>             Fix For: 4.2.1
>
>         Attachments: stdcxx-593.patch
>
>
> When prepending the default locale to the locale name array, the size of the resulting string is not modified, so later write operations can write past the end of the buffer.
> ****  Purify instrumented ./22.locale.cons.stdcxx-485 (pid 13090)  ****
> ABW: Array bounds write:
>   * This is occurring while in thread 13090:
>     strcpy         [rtlib.o]
>     rw_locales(int, char const*, bool) [locale.cpp:486]
>     run_test(int, char**) [22.locale.cons.stdcxx-485.cpp:41]
>     *unknown func* [pc=0x808b380]
>     rw_test(int, char**, char const*, char const*, char const*, int  (*)(int, char**)) [driver.cpp:1128]
>     main           [22.locale.cons.stdcxx-485.cpp:78]
>   * Writing 7 bytes to 0x810d72a in the heap (1 byte at 0x810d730 illegal).
>   * Address 0x810d72a is 5114 bytes into a malloc'd block at 0x810c330 of 5120 bytes.
>   * This block was allocated from thread -1207973632:
>     malloc         [rtlib.o]
>     rw_locales(int, char const*, bool) [locale.cpp:350]
>     run_test(int, char**) [22.locale.cons.stdcxx-485.cpp:41]
>     *unknown func* [pc=0x808b380]
>     rw_test(int, char**, char const*, char const*, char const*, int  (*)(int, char**)) [driver.cpp:1128]

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
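
The bookkeeping rule behind the issue described above, as an added C example that is not the stdcxx `rw_locales()` code or the attached patch: every write into a packed list of NUL-terminated names, a prepend included, has to advance the used-size counter that later bounds checks rely on. The `namelist` type, its functions and `GROW_BY` are hypothetical names chosen for this illustration.

```c
#include <stdlib.h>
#include <string.h>
/* Hypothetical names throughout; this is not the stdcxx rw_locales() code. */
enum { GROW_BY = 16 };   /* one growth constant; tiny here to force regrowth */

struct namelist {
    char  *buf;          /* NUL-terminated names stored back to back */
    size_t used;         /* bytes occupied, terminators included */
    size_t cap;          /* bytes allocated */
};

/* Make room for `extra` more bytes. Returns 0 on success, -1 on failure. */
static int namelist_reserve(struct namelist *nl, size_t extra)
{
    if (nl->cap - nl->used >= extra)
        return 0;
    size_t ncap = nl->cap;
    while (ncap - nl->used < extra)
        ncap += GROW_BY;
    char *p = realloc(nl->buf, ncap);
    if (!p)
        return -1;
    nl->buf = p;
    nl->cap = ncap;
    return 0;
}

/* Append one name; its length is computed once and reused. */
int namelist_append(struct namelist *nl, const char *name)
{
    const size_t len = strlen(name) + 1;   /* include the terminator */
    if (namelist_reserve(nl, len) != 0)
        return -1;
    memcpy(nl->buf + nl->used, name, len);
    nl->used += len;
    return 0;
}

/* Prepend one name; omitting `used += len` leaves later appends a stale size. */
int namelist_prepend(struct namelist *nl, const char *name)
{
    const size_t len = strlen(name) + 1;
    if (namelist_reserve(nl, len) != 0)
        return -1;
    memmove(nl->buf + len, nl->buf, nl->used);  /* shift existing names up */
    memcpy(nl->buf, name, len);
    nl->used += len;
    return 0;
}
```
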

