Some problems on Solaris

Steven Bakker steven at
Tue Feb 16 08:47:39 CET 1999

>>>>> On Mon, 15 Feb 1999, "WK" == Werner Koch wrote:

  WK> Steven Bakker <steven at> writes:

  SB> Note that in various spots in the source code, arrays are defined as
  SB> "words[64]", without any explanation as to where the "64" comes from.

  WK> This is from the definition of MD5.

Ah, that shows my ignorance.  Still, a symbolic constant would be 

  SB> "http.c" is one that caused me headaches to debug, but I found more

  WK> I don't see any fixed size array in http.c ???

Not directly, no, but it uses things like:

	request = m_alloc( strlen(p) + 20 );

The "20" here is fairly arbitrary, although I can tell it's derived 
from the sprintf() format string in the next statement.  When I initially 
tested the proxy code, it consistently bombed somewhere after that, since 
I hadn't updated the "20".  I replaced this with a (hopefully) more robust 

As for other fixed size arrays: argparse.c (char keyword[100]), dotlock.c
(pidstr[16]), errors.c (buf[15] and buf[50]), miscutil.c (buffer[30],
buffer[11+5] and buffer[50]).  All of these seem to be properly dimensioned
or have their boundaries checked though.

  SB> code thinking a buffer is X+Y bytes while it is in fact X.

  WK> I'll try again on an alpha.

Thanks.  The bus errors only happen on _some_ signatures as far as I can 
see.  Most of them get processed without any problem.  It's just the odd 
one that seems to bomb gpg, at least in my experience.

Other than that, I am a very happy user of GnuPG and will choose it over 
PGP anytime, simply because of the fact that we _can_ discuss and modify 
the source code and algorithms.  Keep it up!


More information about the Gnupg-devel mailing list