Some problems on Solaris
Steven Bakker
steven at icoe.att.com
Tue Feb 16 08:47:39 CET 1999
>>>>> On Mon, 15 Feb 1999, "WK" == Werner Koch wrote:
WK> Steven Bakker <steven at icoe.att.com> writes:
SB> Note that in various spots in the source code, arrays are defined as
SB> "words[64]", without any explanation as to where the "64" comes from.
WK> This is from the definition of MD5.
Ah, that shows my ignorance. Still, a symbolic constant would be
preferable.
SB> "http.c" is one that caused me headaches to debug, but I found more
WK> I don't see any fixed size array in http.c ???
Not directly, no, but it uses things like:
request = m_alloc( strlen(p) + 20 );
The "20" here is fairly arbitrary, although I can tell it's derived
from the sprintf() format string in the next statement. When I initially
tested the proxy code, it consistently bombed somewhere after that, since
I hadn't updated the "20". I replaced this with a (hopefully) more robust
mechanism.
As for other fixed size arrays: argparse.c (char keyword[100]), dotlock.c
(pidstr[16]), errors.c (buf[15] and buf[50]), miscutil.c (buffer[30],
buffer[11+5] and buffer[50]). All of these seem to be properly dimensioned
or have their boundaries checked though.
SB> code thinking a buffer is X+Y bytes while it is in fact X.
WK> I'll try again on an alpha.
Thanks. The bus errors only happen on _some_ signatures as far as I can
see. Most of them get processed without any problem. It's just the odd
one that seems to bomb gpg, at least in my experience.
Other than that, I am a very happy user of GnuPG and will choose it over
PGP anytime, simply because of the fact that we _can_ discuss and modify
the source code and algorithms. Keep it up!
Cheers,
Steven
More information about the Gnupg-devel
mailing list