[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Chicken-hackers] [PATCH] Fix #1041 by checking buffer size when not sup
|
From: |
Peter Bex |
|
Subject: |
[Chicken-hackers] [PATCH] Fix #1041 by checking buffer size when not supplied |
|
Date: |
Sun, 22 Sep 2013 12:36:48 +0200 |
|
User-agent: |
Mutt/1.4.2.3i |
Hi all,
I managed to figure out the cause behind *one* of the panics in #1045.
The manual says "read-string! reads destructively into the given STRING
argument, but never more characters than would fit into STRING".
See http://wiki.call-cc.org/man/4/Unit%20extras#read-string
Unfortunately, this is not always true: when you pass it #f for the
NUM argument, it will read until EOF, regardless of the size of the
buffer that's passed in.
Since this is a buffer overrun error with a reasonably simple fix,
I think this should go into the stability branch and an emergency
stability release should probably be made.
Attached is the patch which fixes it. Any external code that's using
read-string! should be investigated for #f arguments and fixed to
explicitly pass the buffer size, so that it won't cause trouble with
older, unfixed CHICKENs. I'll modify http-client ASAP.
It would be great if Mario and Alaric could check whether this fix
solves the issues in awful-picman and Ugarit. I was unable to reproduce
the awful-picman bug and the tests for Ugarit just cause so many errors
on my machine that I'm unsure what's going on.
Cheers,
Peter
--
http://www.more-magic.net
0001-Fix-1045-by-reading-no-more-than-the-buffer-length-w.patch
Description: Text document
- [Chicken-hackers] [PATCH] Fix #1041 by checking buffer size when not supplied,
Peter Bex <=