This is the mail archive of the libc-hacker@sourceware.cygnus.com mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]

Re: tst-timezone dumps core

To: drepper@cygnus.com (Ulrich Drepper)
Subject: Re: tst-timezone dumps core
From: Zack Weinberg <zack@rabi.phys.columbia.edu>
Date: Thu, 30 Jul 1998 14:35:13 -0400
cc: libc-hacker@gnu.org

On 28 Jul 1998 20:25:38 -0700, Ulrich Drepper wrote:
>Zack Weinberg <zack@rabi.phys.columbia.edu> writes:
>
>> For awhile now tst-timezone dumps core in __tzfile_read, in this loop:
>> 
>> 277       for (i = 0; i < num_types; ++i)
>> 278         __tzname[types[i].isdst] = __tzstring (&zone_names[types[i].idx]
>);
>> 
>> num_types is absurdly large, so it runs off the end of the array.
>> Probably the bug is in decode().
>
>Can you evaluate this further?  I cannot see this problem here.

I've tracked it to __tzstring.  Something in there scribbles all over
__tzfile_read's stack frame.  The code in tzset.c is hideous and I am not
surprised it has buffer overruns in it.  It might be an interaction with the
compiler but I think we should try to fix it anyway - a lot of people are
using egcs 1.0.3 out there.

I'll investigate further this evening.

zw

References:
- Re: tst-timezone dumps core
  - From: Ulrich Drepper <drepper@cygnus.com>

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]