Date: Tue, 18 Dec 2007 10:52:06 +0300
From: "Yuriy Tsibizov" <Yuriy.Tsibizov@gfk.com>
To: <freebsd-current@freebsd.org>
Subject: RE: story about lost %ebx (stack corruption in inet_aton ?)
Message-ID: <78664C02FF341B4FAC63E561846E3BCC0EEA56@ex.hhp.local>
In-Reply-To: <78664C02FF341B4FAC63E561846E3BCC0EEA52@ex.hhp.local>
References: <78664C02FF341B4FAC63E561846E3BCC0EEA52@ex.hhp.local>
> My first impression was that there is a bug in gcc compiler on 7-BETA
> and 8-CURRENT (i386 only, and only if optimization is enabled), but it
> seems to be incorrect. Most probably source is stack corruption in
> inet_aton()

mistyped, it is inet_network() that fails...

testcase:

#include <sys/cdefs.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <ctype.h>
#include <stdio.h>   /* printf */
#include <string.h>  /* strchr */

int main(void){
    int val;
    char s[]="10.10.0.10.0/12"; // four dots here!
    char *q;

    q = strchr(s,'/');          /* locate the prefix-length separator */
    if (q) {
        *q = '\0';              /* cut the string at '/' before parsing */
        if ((val = inet_network(s)) != INADDR_NONE) {
            printf("OK\n");
            return (0);
        }
        /* q is printed after the call so a clobbered pointer is visible */
        printf("q= %p\n", (void *)q);
        *q = '/';
    }
}

(should be built with -O1 or -O2 to expose that bug)

Yuriy.
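An added example, not part of the original message and not FreeBSD's libc code: a decimal-only dotted-address parser (hypothetical name parse_dotted_network) that checks the component count before storing into its four-slot array, so the five-component string from the test case is rejected without writing past the array. That an out-of-range store is the cause of the corruption in inet_network() is an assumption here; the message only suspects stack corruption.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_PARTS  4
#define PARSE_NONE 0xffffffffu   /* same value as INADDR_NONE */

/* Hypothetical helper: decimal components only, host byte order result. */
uint32_t parse_dotted_network(const char *cp)
{
    uint32_t parts[MAX_PARTS];
    size_t n = 0;

    for (;;) {
        uint32_t val = 0;
        int digits = 0;

        while (isdigit((unsigned char)*cp)) {
            val = val * 10 + (uint32_t)(*cp - '0');
            if (val > 0xff)
                return PARSE_NONE;   /* component does not fit in one byte */
            cp++;
            digits++;
        }
        if (digits == 0)
            return PARSE_NONE;       /* empty component, e.g. "10..1" */
        if (n == MAX_PARTS)
            return PARSE_NONE;       /* checked BEFORE the store: no parts[4] write */
        parts[n++] = val;

        if (*cp == '.') { cp++; continue; }
        if (*cp != '\0')
            return PARSE_NONE;       /* trailing characters such as "/12" */
        break;
    }

    uint32_t result = 0;
    for (size_t i = 0; i < n; i++)
        result = (result << 8) | parts[i];
    return result;
}

int main(void)
{
    /* Constructed inputs: a valid address and the string from the test case. */
    printf("%08x\n", (unsigned)parse_dotted_network("10.10.0.10"));
    printf("%08x\n", (unsigned)parse_dotted_network("10.10.0.10.0"));
    return 0;
}
```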