Re: [Firebird-devel] FB2b2 3221225477

[eg <eg...@ju...>]

Adriano dos Santos Fernandes wrote:
> Vlad Horsun wrote:
>>>     Send me drwatson.log, please. If you zip it - change .zip 
>>> extension or SF will not passed this mail.     
>>
>>     I've received it, thanks. What i can see :
>>
>>  AV occurs in evl_string.h, line 98
>>
>> template <typename CharType>
>> static void preKmp(const CharType *x, int m, SLONG kmpNext[]) {
>>     SLONG i = 0;
>>     SLONG j = kmpNext[0] = -1;
>>     while (i < m) {
>>         while (j > -1 && x[i] != x[j])
>>             j = kmpNext[j];
>>         i++;
>>         j++;
>>         if (x[i] == x[j])         // AV here
>>             kmpNext[i] = kmpNext[j];
>>         else
>>         kmpNext[i] = j;
>>         }
>> }
>>
>> Some variables at AV time :     m == 0x80, i == 0x80, j == 0x00
>> Since i must be in range 0..0x7F (0..m-1) we have an AV when x[i] 
>> evaluated
>>
>>
>>     As i understand this is a part of CONTAINING evaluation. The 
>> algorithm was written by Nickolay and i unfortunately have no 
>> knowledge of how it must work. May be Adriano can say more ?
>>   
> I don't have knowledge of Knuth-Morris-Pratt algorithm, but I can say 
> that preKmp is always accessing a invalid location.
> The AV will occur with a "magic" string length, causing the invalid 
> location is in another memory page.
> 
> As it's probably that compare of garbage with part of the string is 
> false, I propose to change the line to "if (i < m && x[i] == x[j])".
> 
> Comments?
> 

... this looks mighty familiar:

http://www-igm.univ-mlv.fr/~lecroq/string/node8.html