Re: [evolution-patches] seeking review for bug 46706 :Evolution - 1.4 Evo hangs when forward one contact.
- From: Not Zed <notzed ximian com>
- To: Gilbert Fang <gilbert fang sun com>
- Cc: Chris Toshok <toshok ximian com>, "evolution-patches ximian com" <evolution-patches ximian com>
- Subject: Re: [evolution-patches] seeking review for bug 46706 :Evolution - 1.4 Evo hangs when forward one contact.
- Date: 11 Aug 2003 14:31:15 -0400
Since this is a char sequence, rather than a string, it should probably
use memcpy() rather than strcpy() since the trailing NUL is redundant?
On Mon, 2003-08-11 at 02:54, Gilbert Fang wrote:
> Hi, Chris
>
> The bug will hang/crash the evolution. It exists on Suse(SLEC-GM) but
> not in RH8.
> I find it is because the mem aollocation error. The patch works well
> in my Suse workspace.
>
> here is my comments on the patch
> - attach_data->_maximum = attach_data->_length = strlen (tempstr);
> + attach_data->_maximum = attach_data->_length = strlen (tempstr) + 1;
> attach_data->_buffer = CORBA_sequence_CORBA_char_allocbuf
> (attach_data->_length);
> strcpy (attach_data->_buffer, tempstr);
>
> Since attach_data is not a Corba string, it is only a sequence of
> char, the allocbuf will not be sure to allocate the extra space for
> the terminated byte '\0'. Thus the strcpy would be easily beyond
> the memory boundry and evolution will hang or crash some lines later.
>
> But what confused me is the orginial code can work well in RH8. I
> guess RH8 has added some protection codes to avoid such errors.
> Anyway, the patch will not have any harm to other platform and really
> fix the bug on SLEC(Suse Linux Enterprise Client).
>
>
> Please review it for Evolution 1.4 branch.
>
> Thanks
> Gilbert
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
