bug-cpio
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug-cpio] insufficient size of variable in util.c according LFS


From: Ladislav Michnovič
Subject: [Bug-cpio] insufficient size of variable in util.c according LFS
Date: Fri, 8 Jun 2007 17:39:25 +0200

Hello.
I was going through a LFS patch and comparing to yesterdays CVS
version of cpio.
I can see in file util.c:441 in function
------------------------
copy_files_tape_to_disk (int in_des, int out_des, off_t num_bytes)
{
 long size;
 long k;
------------------------

"k" and "size" are long, but "num_bytes" is off_t

The size of off_t is 8 when compiled with -D_FILE_OFFSET_BITS=64 and
the size of long is only 4 on 32 bit arch.
I think option -D_FILE_OFFSET_BITS=64 is used now commonly to enable LFS.

But I see few lines below :
--------------------------------
size = (input_size < num_bytes) ? input_size : num_bytes;
     if (crc_i_flag)
       {
         for (k = 0; k < size; ++k)
--------------------------------

IMHO this could cause an overflow in certain cases.
This issue is also in other functions in that file.

Regards Ladislav.




reply via email to

[Prev in Thread] Current Thread [Next in Thread]