Re: memory scribbling while using IOChannels

> From: Joel Becker <jlbec evilplan org>
> On Fri, Aug 24, 2001 at 08:51:01AM -0700, Ron Steinke wrote:
> > Thanks for catching this. There's also a similar bug in g_io_channel_write_chars().
> > If you haven't committed yet, I'd be happy to do so.
> Ron,
> 	Go ahead and commit.  However, getting past this allows another
> bug to show up.  I was reading 400K of input, and my program crashed.
> Why?  encoded_read_buf->allocated_len was 1G, and
> io_channel_fill_buffer() was calling g_string_set_size(encoded_read_buf,
> 2G).  Eek!  encoded_read_buf->len was only 15K at the time.  I suspect
> it has something to do with the outbytes_left MAX() calls, but I haven't
> sat down to look at it in detail yet.  I will probably get back to it
> sometime this morning, but if you get there first I'm cool.  You can see
> it if you change iotest.c to do "ls -l /usr/lib" instead of "ls
> /usr/lib".

The new one was due to me not subtracting 1 from allocated_len to
account for the null at the end of the buffer. Both fixes are
now in CVS.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]