[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug-cpio] insufficient size of variable in util.c according LFS
From: |
Ladislav Michnovič |
Subject: |
[Bug-cpio] insufficient size of variable in util.c according LFS |
Date: |
Fri, 8 Jun 2007 17:39:25 +0200 |
Hello.
I was going through a LFS patch and comparing to yesterdays CVS
version of cpio.
I can see in file util.c:441 in function
------------------------
copy_files_tape_to_disk (int in_des, int out_des, off_t num_bytes)
{
long size;
long k;
------------------------
"k" and "size" are long, but "num_bytes" is off_t
The size of off_t is 8 when compiled with -D_FILE_OFFSET_BITS=64 and
the size of long is only 4 on 32 bit arch.
I think option -D_FILE_OFFSET_BITS=64 is used now commonly to enable LFS.
But I see few lines below :
--------------------------------
size = (input_size < num_bytes) ? input_size : num_bytes;
if (crc_i_flag)
{
for (k = 0; k < size; ++k)
--------------------------------
IMHO this could cause an overflow in certain cases.
This issue is also in other functions in that file.
Regards Ladislav.
- [Bug-cpio] insufficient size of variable in util.c according LFS,
Ladislav Michnovič <=