From unknown Fri Mar 29 07:29:13 2024 X-Loop: owner@bugs.x2go.org Subject: Bug#776: [X2Go-Dev] Bug#776: nx-X11: Size of pointer 'server_support' used instead of size of its data Reply-To: Mike Gabriel , 776@bugs.x2go.org Resent-From: Mike Gabriel Resent-To: x2go-dev@lists.x2go.org Resent-CC: X2Go Developers X-Loop: owner@bugs.x2go.org Resent-Date: Sat, 31 Jan 2015 15:05:01 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.x2go.org X-X2Go-PR-Message: followup 776 X-X2Go-PR-Package: nx-libs X-X2Go-PR-Keywords: Received: via spool by 776-submit@bugs.x2go.org id=B776.142271659030392 (code B ref 776); Sat, 31 Jan 2015 15:05:01 +0000 Received: (at 776) by bugs.x2go.org; 31 Jan 2015 15:03:10 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from freya.das-netzwerkteam.de (freya.das-netzwerkteam.de [88.198.48.199]) by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 6C8053BC90 for <776@bugs.x2go.org>; Sat, 31 Jan 2015 16:03:08 +0100 (CET) Received: from grimnir.das-netzwerkteam.de (grimnir.das-netzwerkteam.de [78.46.204.98]) by freya.das-netzwerkteam.de (Postfix) with ESMTPS id DBC2BC8B; Sat, 31 Jan 2015 16:03:07 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id D35583BA82; Sat, 31 Jan 2015 16:03:07 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at grimnir.das-netzwerkteam.de Received: from grimnir.das-netzwerkteam.de ([127.0.0.1]) by localhost (grimnir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K7bcUBRJQX+4; Sat, 31 Jan 2015 16:03:07 +0100 (CET) Received: from grimnir.das-netzwerkteam.de (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTPS id A62373B9F8; Sat, 31 Jan 2015 16:03:07 +0100 (CET) Received: from bifrost.das-netzwerkteam.de (bifrost.das-netzwerkteam.de [178.62.101.154]) by mail.das-netzwerkteam.de (Horde Framework) with HTTP; Sat, 31 Jan 2015 15:03:07 +0000 Date: Sat, 31 Jan 2015 15:03:07 +0000 Message-ID: <20150131150307.Horde.bCKxdeEOIAYx__y3__tsyw4@mail.das-netzwerkteam.de> From: Mike Gabriel To: Heinrich Schuchardt , 776@bugs.x2go.org In-Reply-To: <54CBDBAF.7010309@gmx.de> User-Agent: Internet Messaging Program (IMP) H5 (6.2.2) Accept-Language: en,de Organization: DAS-NETZWERKTEAM X-Originating-IP: 178.62.101.154 X-Remote-Browser: Mozilla/5.0 (X11; Linux x86_64; rv:32.0) Gecko/20100101 Firefox/32.0 Iceweasel/32.0 Content-Type: multipart/signed; boundary="=_B9yksBIau6rcQnCkQuctxg1"; protocol="application/pgp-signature"; micalg=pgp-sha1 MIME-Version: 1.0 This message is in MIME format and has been PGP signed. --=_B9yksBIau6rcQnCkQuctxg1 Content-Type: text/plain; charset=us-ascii; format=flowed; DelSp=Yes Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi Heinrich, On Fr 30 Jan 2015 20:29:51 CET, Heinrich Schuchardt wrote: > package: nx-libs > version: head > > > In nx-libs/nx-X11/extras/Mesa/src/glx/x11/glxextensions.c > the length of the zeroed memory is the length of the pointer (4 bytes in > case of a 32bit system) not the length of the data the pointer points to > (8 byte). > > static void > __glXProcessServerString( const struct extension_info * ext, > const char * server_string, > unsigned char * server_support ) > { > unsigned base; > unsigned len; > > (void) memset( server_support, 0, sizeof( server_support ) ); > > Furthermore the length of the memory area pointed to by server_support > is defined in varying ways in the coding: > > #define __GL_EXT_BYTES ((__NUM_GL_EXTS + 7) / 8) > > > unsigned char server_support[ __GL_EXT_BYTES ]; > unsigned char server_support[8]; > > Currently __NUM_GL_EXTS =3D 123, so __GL_EXT_BYTES =3D 8. > > What is expected to happen if __GL_EXT_BYTES > 8 after defining six more > values in the unamed (sic!) enum with the different bits? > > This questionable code was identified with cppcheck. > http://cppcheck.sourceforge.net/ > > Best regards > > Heinrich Schuchardt Now that you have analyzed it, do you see a chance for coming up with patch= ? THANKS+GREETS, Mike --=20 DAS-NETZWERKTEAM mike=20gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.x= fb --=_B9yksBIau6rcQnCkQuctxg1 Content-Type: application/pgp-signature Content-Description: Digitale PGP-Signatur Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAABAgAGBQJUzO6rAAoJEJr0azAldxsxpyIQAIBS/4h/o1/qKLDPxugPvq9t qPvLBX4lxSzxbVsYunntvJLth625vagulihXrEX7gEuRpMvLYG9m6dp3+/ltkwyi YZb4SpTOvmBvEikgtBy3ncjSqpTJyCw+YLlVSZRfZ6zRYiK6ZkPuGKclYBwor5/+ HDXQFYAomRGwiUD/HqRzwOdpc5kp8iW3gwH9tNvd2NCQOEwjV8mN32wP85VveYk6 5USNlZod+pHy/dGX+djclK7aAziCgXPIjWnofooHi9DiEsOPQvs+4kAdJBDlPlvS qtqDrPkAumxXt9xfT6sT5cagEKhOhgn/8Hwbi7RiTjhDu3XB7CGIGciHu+bOig6H w6EphQIH9wMqcby3huqSalvF2BfqfE6qYA+bbY78FUGK3LZz/I8Um8Sp6M1b7Lkc ChRNeEa8y6HfChockXZDelQs8ogVCLPbehQ72CJ98x392UURb3Qq6kqSL6KDSAw5 BjjGUpdg10tCitXsXz7KCJvcWN9Lqvr0hjzBe0etzJpddqxV6AAHCJ4ur0i8DF0l 826+Y6y0Ld7CrDcGkaEyymgSi8WbjJXGDOAeMF2vodN+JceFQ4NJ9MxTHvGI9IKk dWiXalMkdAgadmq/ok4+qLnKQzK1UKi27vpg2QaPr9cTj+MB7WpqxXr+Xsdb/Ysc /cA31wDrVhEHJMkP2rEU =7pJ7 -----END PGP SIGNATURE----- --=_B9yksBIau6rcQnCkQuctxg1--