This is a good example of how nice C and arrays can be... :-(
I think you have header information which is longer than the maximum string lengths (like MSGDSTRLEN). If this happens, there will be a null termination in position MSGDSTRLEN (which in C is an error, since arrays are indexed 0 - LEN-1).
An example from parse.c, function getid line 419:
- %< ----------------------------------------------------------------
for (i = 0; *c && *c != '>' && *c != '\n' && i < MSGDSTRLEN; c++) {
    if (*c == '\\')
        continue;
    msgid[i++] = *c;
}
msgid[i] = '\0';
- %< ----------------------------------------------------------------
If the header-id is longer than MSGDSTRLEN, the loop is terminated
because i = MSGDSTRLEN; then an assignment msgid[MSGDSTRLEN] = '\0' is
run. This breaks the code.
There are many more examples of this kind of string processing loop
in the code (I think *all* the getXXX functions are written in the
same way).
The loop could be written as "...&& i < (MSGDSTRLEN-1); c++) {" or the
assignment could check for overflow - perhaps that is a better
(faster) solution?
Hm. I remember clearly sending a bug report about this parsing a couple of times earlier.
Cheers,
Erik.Boralv_at_CMD.UU.SE
Human-Computer Interaction
Uppsala University, SWEDEN
http://www.cmd.uu.se/
+46 (0)18 471 28 28 (voice)
+46 (0)18 471 78 11 (fax)
Received on Mon 29 Jun 1998 04:50:20 PM GMT
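The off-by-one described in the message and the first fix it proposes, side by side, as an added example that is not part of the original post or of hypermail's source. CAP is a constructed stand-in for MSGDSTRLEN (its real value is not given here), the function names are hypothetical, and the test buffer is deliberately one byte larger than CAP so the stray terminator write lands on a guard byte and can be observed.

```c
#include <stdio.h>
#include <string.h>

#define CAP   8      /* constructed stand-in for MSGDSTRLEN */
#define GUARD 0x7e   /* marker placed just past the CAP-byte region */

/* Loop as quoted in the post: the bound is i < cap, so i can reach cap and
 * the terminator is written to dst[cap], one past a cap-sized array. */
static size_t copy_id_as_posted(const char *c, char *dst, size_t cap)
{
    size_t i;
    for (i = 0; *c && *c != '>' && *c != '\n' && i < cap; c++) {
        if (*c == '\\')
            continue;
        dst[i++] = *c;
    }
    dst[i] = '\0';
    return i;        /* index the terminator was written to */
}

/* The post's first suggestion (i < MSGDSTRLEN-1), written as i + 1 < cap so
 * that cap == 0 cannot underflow; the terminator always fits inside cap. */
static size_t copy_id_bounded(const char *c, char *dst, size_t cap)
{
    size_t i;
    if (cap == 0)
        return 0;
    for (i = 0; *c && *c != '>' && *c != '\n' && i + 1 < cap; c++) {
        if (*c == '\\')
            continue;
        dst[i++] = *c;
    }
    dst[i] = '\0';
    return i;
}

/* Returns 1 if the byte just past the cap-sized region was overwritten. */
static int guard_clobbered(size_t (*fn)(const char *, char *, size_t),
                           const char *input)
{
    char buf[CAP + 1];               /* one spare byte holds the guard */
    memset(buf, GUARD, sizeof buf);
    fn(input, buf, CAP);
    return buf[CAP] != GUARD;
}

int main(void)
{
    const char *longid = "0123456789@host>";   /* constructed sample id */
    printf("as posted: %d\n", guard_clobbered(copy_id_as_posted, longid));
    printf("bounded:   %d\n", guard_clobbered(copy_id_bounded, longid));
    return 0;
}
```

An id of exactly CAP characters is already enough to trigger the stray write, not only ids longer than CAP.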
This archive was generated by hypermail 2.3.0 : Sat 13 Mar 2010 03:46:11 AM GMT