- From: Gregory E. Moltchadski <agent.smith@atcsim.de>
- Date: Fri, 9 Mar 2001 12:11:14 +0100
- To: <www-lib@w3.org>
- Message-ID: <006c01c0a889$a82d4960$c800a8c0@atcsim.de>
Hi!
LIBWWW produces core dumps on Solaris 7 and 8 when compiled with thread support.
(try "chunk file:///usr/include" for example).
The bug is in HTFile.c and HTMulti.c in "readdir_r" function calls:
---------------------------------------------------------
diff HTMulti.c HTMulti.c.buggy
311c311
< char result[512]; /* For readdir_r */
---
> struct dirent result; /* For readdir_r */
337c337
< while ((dirbuf = (struct dirent *) readdir_r(dp, (struct dirent *)result))) {
---
> while ((dirbuf = (struct dirent *) readdir_r(dp, &result))) {
339c339
< while (readdir_r(dp, (struct dirent *)result, &dirbuf) == 0) {
---
> while (readdir_r(dp, &result, &dirbuf) == 0) {
---------------------------------------------------------
diff HTFile.c HTFile.c.buggy
177c177
< char result[512]; /* For readdir_r */
---
> struct dirent result; /* For readdir_r */
181c181
< while ((dirbuf = (struct dirent *) readdir_r(dp, (struct dirent *)result)))
---
> while ((dirbuf = (struct dirent *) readdir_r(dp, &result)))
183c183
< while (readdir_r(dp, (struct dirent *)result, &dirbuf) == 0)
---
> while (readdir_r(dp, &result, &dirbuf) == 0)
---------------------------------------------------------
The "dirent" structure on SUN doesn't contain memory space for filenames:
typedef struct dirent {
ino_t d_ino; /* "inode number" of entry */
off_t d_off; /* offset of disk directory entry */
unsigned short d_reclen; /* length of this record */
char d_name[1]; /* name of file */
} dirent_t;
so the caller us responsible to allocate enough memory for the "d_name" field.
WBR
--
Gregory E. Moltchadski
Senior Software Engineer
ATCSim GmbH
Carl-Zeiss-Strasse 41
55129 Mainz
Germany
Tel: +49 (0)6131 250 533 31
Fax: +49 (0)6131 250 533 40
Mobil: +49 (0)177 653 2998
Received on Friday, 9 March 2001 06:12:09 UTC