Re: AIX 5.1 client crash (buffer-overflow)

From: Philip Martin <philip_at_codematters.co.uk>
Date: 2004-01-16 18:38:06 CET

Travis <svn@castle.fastmail.fm> writes:

> Yes, xlc, version 6 on AIX 5.1.
>
> I had to make these changes to successfully compile because they
> stopped compilation:
>
> "subversion/libsvn_ra_svn/cram.c", line 90.13: 1506-280 (E) Function
> argument
> assignment between types "unsigned char*" and "char*" is not allowed.
> "subversion/libsvn_ra_svn/cram.c", line 99.17: 1506-280 (E) Function
> argument
> assignment between types "unsigned char*" and "char*" is not allowed.
> "subversion/libsvn_ra_svn/cram.c", line 105.17: 1506-280 (E) Function
> argument
> assignment between types "unsigned char*" and "char*" is not allowed.
>
> % diff orig/subversion-0.35.1/subversion/libsvn_ra_svn/cram.c \
> subversion-0.35.1/subversion/libsvn_ra_svn/cram.c
> 90c90
> < apr_md5(secret, password, len);
> ---
> > apr_md5((unsigned char*)secret, password, len);
> 99c99
> < apr_md5_final(digest, &ctx);
> ---
> > apr_md5_final((unsigned char*)digest, &ctx);
> 105c105
> < apr_md5_final(digest, &ctx);
> ---
> > apr_md5_final((unsigned char*)digest, &ctx);

Hmm, that function does bit operations on char, and char could be
signed. Perhaps it would be better to use unsigned char. Greg?

Index: subversion/libsvn_ra_svn/cram.c
===================================================================
--- subversion/libsvn_ra_svn/cram.c (revision 8340)
+++ subversion/libsvn_ra_svn/cram.c (working copy)
@@ -78,7 +78,7 @@
static void compute_digest(char *digest, const char *challenge,
                            const char *password)
{
- char secret[64];
+ unsigned char secret[64];
   apr_size_t len = strlen(password), i;
   apr_md5_ctx_t ctx;

> "subversion/clients/cmdline/main.c", line 611.17: 1506-112 (E)
> Duplicate type
> qualifier "volatile" ignored.
>
> % diff orig/subversion-0.35.1/subversion/clients/cmdline/main.c \
> subversion-0.35.1/subversion/clients/cmdline/main.c
> 611c611
> < static volatile sig_atomic_t cancelled = FALSE;
> ---
> > static sig_atomic_t cancelled = FALSE;

Hmm, again. I think this is a real AIX bug. The C standard is
explicit, we need to use "volatile sig_atomic_t". I see that gcc's
fixincl removes volatile from the shadow sys/signal.h, but says that
only some versions of AIX are affected. We need to be very careful
not to remove volatile from our code in cases where there is no
duplicate. Perhaps we could use an autoconf macro. Or we could use
an integer type directly, but that's no more portable than not using
volatile. Or we could leave it as it is, but add a comment to the
code saying that if the error occurs then volatile should be removed.

-- 
Philip Martin
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Received on Fri Jan 16 18:39:20 2004

This message: [ Message body ]
Next message: Eric Gillespie: "Re: Problem with r7950"
Previous message: kfogel_at_collab.net: "Re: svn commit: r8330 - in branches/1.0-stabilization: . build/generator build/win32 doc/book packages/rpm/mandrake-9.0 packages/rpm/mandrake-9.1 packages/rpm/mandrake-9.2 subversion/bindings/swig subversion/include subversion/libsvn_subr subversion/tests/libsvn_subr"
Maybe in reply to: Philip Martin: "Re: AIX 5.1 client crash (buffer-overflow)"
Next in thread: Greg Hudson: "Re: AIX 5.1 client crash (buffer-overflow)"
Reply: Greg Hudson: "Re: AIX 5.1 client crash (buffer-overflow)"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]