Make check now passes [was Re: new release?]
John (J5) Palmieri
johnp at redhat.com
Fri Apr 22 15:58:50 PDT 2005
On Fri, 2005-04-22 at 16:33 -0400, John (J5) Palmieri wrote:
>
> Ok, so this was not the problem but it was faulty code.
> string_from_seed does overwrite buf in cases where the initial size of
> the string is 8 and the seed is 1. In that case 2 is added to the
> length making it 10 which is the size of the buffer. The buffer is
> filled in from position 0 to 9 but a null character is added at position
> 10 which causes the overflow. The real problem is happening in
> _dbus_validate_signature_with_reason in dbus-marshal-validate.c where
> for some reason the signature being passed in is a whitespace. Will
> debug further.
>
In the end this buffer overflow did turn out to be the problem as it was
present in multiple places in the code. Attached is a patch to fix
this. It seems that all the tests now pass, except that I got a bunch of
out-of-memory debug spew in the dispatch test, and in the valid and
invalid message tests there are test files which seem to be using the
message builder language, which dbus tells me is no longer supported.
Thanks to Ray and Nalin who were both part of the debugging effort.
--
John (J5) Palmieri
Associate Software Engineer
Desktop Group
Red Hat, Inc.
Blog: http://martianrock.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: make-check-buffer-overflow.patch
Type: text/x-patch
Size: 3314 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/dbus/attachments/20050422/9e400b12/make-check-buffer-overflow.bin
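
The off-by-one described in the quoted message (8 characters plus 2 gives 10, filling a 10-byte buffer at positions 0 to 9, with the terminator then written at position 10), shown beside a bounds-checked form. This is an added example, not code from the scrubbed patch or from the D-Bus tree. The function names, the filler byte and the guard byte are hypothetical, and the unchecked builder writes into an 11-byte backing array so the stray write can be observed without undefined behaviour.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 10   /* buffer size given in the message */
#define GUARD    0x5A /* constructed marker standing in for adjacent memory */

/* Hypothetical stand-in for the described pattern: append `extra` bytes to
 * `base`, then NUL-terminate, with no capacity check. */
static size_t build_unchecked(char *buf, const char *base, size_t extra)
{
    size_t len = strlen(base);
    memcpy(buf, base, len);
    memset(buf + len, 'x', extra);
    len += extra;
    buf[len] = '\0';   /* len == 10 writes index 10, one past a 10-byte buffer */
    return len;
}

/* Checked form: a string of n characters needs n + 1 bytes. */
static int build_checked(char *buf, size_t cap, const char *base, size_t extra)
{
    size_t len = strlen(base);
    if (extra > cap || len >= cap - extra)   /* len + extra + 1 > cap */
        return -1;
    memcpy(buf, base, len);
    memset(buf + len, 'x', extra);
    buf[len + extra] = '\0';
    return 0;
}

/* Returns 1 if the byte just past the 10-byte region was overwritten. */
static int guard_clobbered(const char *base, size_t extra)
{
    char backing[BUF_SIZE + 1];   /* last byte is the guard, so the demo is defined */
    backing[BUF_SIZE] = GUARD;
    build_unchecked(backing, base, extra);
    return backing[BUF_SIZE] != GUARD;
}

int main(void)
{
    char buf[BUF_SIZE];
    printf("unchecked, 8+2: guard clobbered = %d\n", guard_clobbered("abcdefgh", 2));
    printf("checked,   8+2: %d\n", build_checked(buf, sizeof buf, "abcdefgh", 2));
    printf("checked,   7+2: %d\n", build_checked(buf, sizeof buf, "abcdefg", 2));
    return 0;
}
```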