Off by one error causes crash with certain optimizations
Brought to you by:
tringali
Menu
▾
▴
#656 Off by one error causes crash with certain optimizations
regularExp.c contains an off by one error. Default_Delimiters is defined as
static unsigned char Default_Delimiters [UCHAR_MAX] = {0};
Note, that UCHAR_MAX == 255 on most architectures. Later, makeDelimiterTable does the following on line 4089:
memset (table, 0, 256);
This overwrites one byte of an adjacent variable with 0, Most likely the Current_Delimiters variable. When compiling with "-O2 -finline-functions" this will cause a crash. (Also some versions of gcc will give a warning about the buffer overflow:
In file included from /usr/include/string.h:640,
from regularExp.c:83:
In function \u2018memset\u2019,
inlined from \u2018SetREDefaultWordDelimiters\u2019 at regularExp.c:4089:
/usr/include/bits/string3.h:85: warning: call to __builtin___memset_chk will always overflow destination buffer
Changing the declaration to be:
static unsigned char Default_Delimiters [UCHAR_MAX + 1] = {0};
or
static unsigned char Default_Delimiters [256] = {0}; /* since we are using magic numbers later, why not just hard code it! */
solves the problem
Fix for off by one error
I've added the fix to CVS. Thanks.