[Uim-bugs] [Bug 3252] New: incorrect usage of bind_textdomain_codeset()

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Tue May 10 05:37:57 EEST 2005 

Please do not reply to this email: if you want to comment on the bug, go to    
       
the URL shown below and enter yourcomments there.     
   
https://bugs.freedesktop.org/show_bug.cgi?id=3252          
     
           Summary: incorrect usage of bind_textdomain_codeset()
           Product: UIM
           Version: unspecified
          Platform: PC
        OS/Version: All
            Status: NEW
          Severity: major
          Priority: P2
         Component: libuim
        AssignedTo: uim-bugs at freedesktop.org
        ReportedBy: qhwt+uim at les.ath.cx


In uim-0.4.4 and the later version, there is an incorrect usage of
bind_textdomain_codeset() in its macro definition in uim/context.h .
The macros in question are:

UIM_SWITCH_TEXTDOMAIN_CODESET
UIM_RESTORE_TEXTDOMAIN_CODESET

The former calls bind_textdomain_codeset() to get the current codeset
and set it to a local pointer orig_encoding (defined by another macro),
then call bind_textdomain_codeset() to set the new codeset for the specified
textdomain. The latter restores the previous codeset for the textdomain
by calling bind_textdomain_codeset() with orig_encoding as its argument.

According to the man page of bind_textdomain_codeset() function,
the return value is valid until the next call to the same function
(I'm using gettext-0.14.1, but the description of the validity of return
value hasn't been changed since gettext-0.11.5, so this isn't new).
That is, the original codeset pointed to by orig_encoding is no longer
valid by the time UIM_RESTORE_TEXTDOMAIN_CODESET is used, because it's
the third call to bind_textdomain_codeset() when it tries to restore
the codeset. This sometimes results in referencing a free'ed memory
location and segmentation fault, because the private function(in libintl)
set_binding_values() frees the previously returned string before registering
the new codeset string.
(this is a slightly modified version of FreeBSD PR ports/80755)          
     
     
--           
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email         
     
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the uim-bugs mailing list