W3C home > Mailing lists > Public > www-amaya-dev@w3.org > June 2007

Re: 64-bit clean code

From: Andrew S. Townley <ast@atownley.org>
Date: Mon, 25 Jun 2007 17:05:15 +0100
To: www-amaya-dev@w3.org
Message-Id: <1182787514.25572.21.camel@macross>

Hi,

I just tried to build Amaya9.54 on amd64 (opensuse-10.2) and had the
same problem.  I know from a google search that this was considered an
exploitable buffer overflow problem on 21-April-2006 by the debian team
(http://osdir.com/ml/linux.debian.devel.announce/2006-04/msg00014.html).

I'm not sure that the code should stay as-is, but I do know that if
you're going to try to cast pointer contents for arithmetic, you should
at least do so with the proper size, e.g. long as Chris suggested.

It would be nice to not have to hack the code just to get it to
compile... ;)  Is there an ETA to getting this issue fixed one or
another?

Thanks in advance,

ast

> From: Laurent Carcone <carcone@w3.org>
> Date: Fri, 21 Jul 2006 17:44:07 +0200
> To: Chris Hodapp <hodapp87@gmail.com>
> Cc: www-amaya-dev@w3.org
> Message-Id: <20060721174407.713cbe4b.carcone@w3.org>
> 
> Hello Chris,
> 
> We'll test yours patches as soon as possible.
> 
> Thanks,
> Laurent Carcone
> 
> 
> On Wed, 19 Jul 2006 18:19:56 -0400
> Chris Hodapp <hodapp87@gmail.com> wrote:
> 
> > 
> > Hello,
> > I'm on pure64 Debian right now (etch, GCC 4.0.4), and no AMD64 packages 
> > existed, so I tried to build the source. Two errors occurred, and I'm pretty 
> > sure it's because an assumption was made that the hardware was 32-bit:
> > 
> > .../../thotlib/dialogue/AmayaXMLPanel.cpp: In member function ___virtual void 
> > AmayaXMLPanel::SendDataToPanel(AmayaParams&)___:
> > .../../thotlib/dialogue/AmayaXMLPanel.cpp:105: error: cast from ___void*___ 
> > to ___int___ loses precision
> > 
> > .../../amaya/MENUconf.c: In function ___void PreferenceCallbackDialog(int, int, 
> > char*)___:
> > .../../amaya/MENUconf.c:4655: error: cast from ___char*___ to ___int___ loses precision
> > 
> > In both cases, I used a 'long' instead of an 'int' and then the code compiled. 
> > Everything seems to run well, but I don't know if I broke something in a 
> > subtle way.
> > 
> > 
> > Here are the changes I tried; hopefully they make sense
-- 
Andrew S. Townley <ast@atownley.org>
http://atownley.org
Received on Monday, 25 June 2007 16:06:28 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:49:02 GMT