149399 – 2 * array subscript out of range

Bug 149399 - 2 * array subscript out of range

Summary: 2 * array subscript out of range

Keywords:
Status:	CLOSED UPSTREAM
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	bbkeys
Sub Component:
Version:	3
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Matthias Saou
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2005-02-22 18:17 UTC by David Binderman
Modified:	2007-11-30 22:11 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2005-05-03 11:46:10 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description David Binderman 2005-02-22 18:17:37 UTC

Description of problem:

I just tried to compile package bbkeys-0.8.6-4 from 
Redhat Fedora Extras development tree.

The compiler said

1.

wminterface.cc(71): warning #175: subscript out of range

The source code is

        e.xclient.data.l[4] = e.xclient.data.l[5] = 0;

but in file /usr/X11R6/include/X11/Xlib.h, field l only has five
longs, so e.xclient.data.l[5] doesn't exist.

Suggest code rework.

2.

wminterface.cc(89): warning #175: subscript out of range

Duplicate.


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:

Comment 1 Matthias Saou 2005-02-22 18:27:44 UTC

I saw that you were opening quite a few similar reports for many
components... please, just a few questions :
- What is the consequence exaclty? Just compiler warnings? How does
this affect the behavior?
- Why do you report these coding problems to _packagers_ instead of to
the upstream _developers_?

Comment 2 David Binderman 2005-02-22 18:59:36 UTC

>What is the consequence exaclty?

Depends. If the rest of the union is bigger (might be on some
machines), then reasonably safe - if not, then other data is overwritten.

In a strict sense, accessing an array outside its limits is
undefined code.

>Why do you report these coding problems to _packagers_

Redhat Fedora asks for bug reports, they get bug reports.
Why ask for bug reports, then complain when I send them in ?

Having a single point of contact for bug reports helps me a lot.

The packagers are free to forward the bug reports on to relevant
developers.

I'll be working my way through Extras over the next few days.
First impressions are that I'm going to be finding a lot of bugs.

Comment 3 Matthias Saou 2005-04-07 19:36:54 UTC

A rebuild of bbkeys 0.9.0 will appear in Extras development real soon. Please
check if the problem still exists in that new version, as it includes major changes.

Comment 4 David Binderman 2005-04-08 08:13:14 UTC

>Please check if the problem still exists in that new version

Sorry, unable to do so.

That machine no longer runs any Redhat Linux.

I suspect that a swift visual check of the new version by Mark 1 eyeball
will be able to verify whether or not the bug still exists.

Comment 5 Matthias Saou 2005-05-03 11:46:10 UTC

Thanks for the bug report.  At the moment, the Fedora developers don't have
time to work on this particular issue. The best way to make sure your problem
will get looked on is to report it to the authors of the program. Most 
upstream authors use a bug tracking system like bugzilla, and more people
who know the code will be looking at the bug report there.

The upstream bug tracking system to use is:
http://sourceforge.net/tracker/?group_id=33459

Please make sure the bug isn't already in the upstream bug tracker before
filing it.

Note You need to log in before you can comment on or make changes to this bug.