From owner-freebsd-bugs Thu Jul 20 0:10:11 2000 Delivered-To: freebsd-bugs@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id DF2E637BAD7 for ; Thu, 20 Jul 2000 00:10:06 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id AAA86850; Thu, 20 Jul 2000 00:10:06 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from server.bitmcnit.bryansk.su (bitmcnit.bryansk.ru [195.239.213.9]) by hub.freebsd.org (Postfix) with ESMTP id 54B7A37BBC3 for ; Thu, 20 Jul 2000 00:01:17 -0700 (PDT) (envelope-from alex@kapran.bitmcnit.bryansk.su) Received: (from uucp@localhost) by server.bitmcnit.bryansk.su (8.9.3/8.9.3) with UUCP id KAA20757 for FreeBSD-gnats-submit@freebsd.org; Thu, 20 Jul 2000 10:51:21 +0400 Received: (from alex@localhost) by kapran.bitmcnit.bryansk.su (8.9.3/8.9.3) id KAA04040; Thu, 20 Jul 2000 10:46:59 +0400 (MSD) (envelope-from alex) Message-Id: <200007200646.KAA04040@kapran.bitmcnit.bryansk.su> Date: Thu, 20 Jul 2000 10:46:59 +0400 (MSD) From: Alex Kapranoff Reply-To: alex@kapran.bitmcnit.bryansk.su To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.2 Subject: bin/20053: lengthen ALIGNed buffer in telnet/commands.c Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 20053 >Category: bin >Synopsis: lengthen ALIGNed buffer in telnet/commands.c >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Jul 20 00:10:05 PDT 2000 >Closed-Date: >Last-Modified: >Originator: Alex Kapranoff >Release: FreeBSD 5.0-CURRENT i386 >Organization: >Environment: usr.bin/telnet/commands.c,v 1.24 >Description: While I was cleaning up a warning with ALIGN(buf) assigned to a pointer, I seem to manage to fix a possible subtle error. On 2904 line we get an ALIGNed pointer to a char buf[1024] and then use 1024 as the length of the (already ALIGNed) buffer. ALIGN can shift a pointer by up to ALIGNBYTES and therefore in order to get a whole of 1024 bytes buffer we need to declare it as char buf[1024 + ALIGNBYTES]. >How-To-Repeat: >Fix: --- commands.c.ctm Thu Jul 20 10:18:03 2000 +++ commands.c Thu Jul 20 10:43:41 2000 @@ -2859,7 +2859,7 @@ int *protop; int *optp; { - static char buf[1024]; /*XXX*/ + static char buf[1024 + ALIGNBYTES]; /*XXX*/ struct cmsghdr *cmsg; #ifdef sysV88 static IOPTN ipopt; @@ -2901,7 +2901,7 @@ lsrp = *cpp; ep = lsrp + *lenp; } else { - *cpp = lsrp = ALIGN(buf); + *cpp = lsrp = (char *)ALIGN(buf); ep = lsrp + 1024; } >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message