Bug 80826
| Summary: | cron source array bounds violation | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | d.binderman |
| Component: | vixie-cron | Assignee: | Jason Vas Dias <jvdias> |
| Status: | CLOSED NOTABUG | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 8.0 | ||
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2004-08-12 22:17:26 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
*** Bug 111430 has been marked as a duplicate of this bug. *** Use gcc - it appears that whatever compiler you are using is
not up to the job - there is no "compaq" compiler shipped with
Red Hat Linux.
As you can see, the entry->hours array is allocated such that
bits 0-24 can be referenced:
#define bitstr_size(nbits) \
((((nbits) - 1) >> 3) + 1)
#define bit_decl(name, nbits) \
(name)[bitstr_size(nbits)]
#define FIRST_HOUR 0
#define LAST_HOUR 23
#define HOUR_COUNT (LAST_HOUR - FIRST_HOUR + 1)
typedef unsigned char bitstr_t;
bitstr_t bit_decl(hour, HOUR_COUNT);
So the 'hour' array is:
unsigned char hour [ 4 ];
(0-32 bits),
and the maximum byte that can be accessed by the
_bit_byte(_stop);
of bit_nset / bit_set is 3.
By the way, the latest version of cron for RedHat
is vixie-cron-4.1-9 - try compiling that version (with gcc!).
>Use gcc - No. I prefer better (IMHO) compilers. >it appears that whatever compiler you are using is >not up to the job In fact Compaq C is better than gcc in two respects 1. Better front end (as you see above). 2. Better back end (gives fast code). >- there is no "compaq" compiler shipped with >Red Hat Linux. True, it's a downloadable extra. Where the Compaq C compiler reports this kind of warning, 100% of the time, it is correct, in my experience. I wonder if you are compiling the same version of the product that I did back in 2002 ? >By the way, the latest version of cron for RedHat >is vixie-cron-4.1-9 - try compiling that version (with gcc!). Not much point doing that, if my bug reports take 18 months to be answered ! I think I'll be getting my Linux from a more responsive source in future. 18 months for a bug report is wholly inadequate. |
From Bugzilla Helper: User-Agent: Mozilla/4.6 [en-gb]C-CCK-MCD NetscapeOnline.co.uk (Win98; I) Description of problem: Hello there, I have just tried to compile package vixie-cron-3.0.1-69 from Redhat 8.0 Here are some of the messages the compiler produces cc: Info: entry.c, line 152: In this statement, an array is being accessed outside the bounds specified for the array type. (subscrbounds) The line in question is bit_set(e->hour, (LAST_HOUR-FIRST_HOUR+1)); It seems that the compiler is complaining about setting the 24th bit in a 24 bit mask. There is no 24th bit, only 0-23 bits inclusive. I have no fix for this problem. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. Compile the package with any C compiler that sanity checks array indexes, for example Compaq. 2. 3. Additional info: