Bug 80826 - cron source array bounds violation
cron source array bounds violation
Status: CLOSED NOTABUG
Product: Red Hat Linux
Classification: Retired
Component: vixie-cron (Show other bugs)
8.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jason Vas Dias
:
: 111430 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2002-12-31 13:20 EST by d.binderman
Modified: 2007-04-18 12:49 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-08-12 18:17:26 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description d.binderman 2002-12-31 13:20:40 EST
From Bugzilla Helper:
User-Agent: Mozilla/4.6 [en-gb]C-CCK-MCD NetscapeOnline.co.uk  (Win98; I)

Description of problem:

Hello there,

I have just tried to compile package vixie-cron-3.0.1-69 from Redhat 8.0

Here are some of the messages the compiler produces

cc: Info: entry.c, line 152: In this statement, an array is being accessed outside the bounds specified for the array type. (subscrbounds)

The line in question is

	bit_set(e->hour, (LAST_HOUR-FIRST_HOUR+1));

It seems that the compiler is complaining about setting the 24th bit
in a 24 bit mask. There is no 24th bit, only 0-23 bits inclusive.
 
I have no fix for this problem. 



Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Compile the package with any C compiler that sanity checks array indexes,
for example Compaq.
2.
3.
    

Additional info:
Comment 1 Miloslav Trmac 2004-02-07 11:46:43 EST
*** Bug 111430 has been marked as a duplicate of this bug. ***
Comment 2 Jason Vas Dias 2004-08-12 18:17:26 EDT
Use gcc - it appears that whatever compiler you are using is
not up to the job - there is no "compaq" compiler shipped with 
Red Hat Linux.
As you can see, the entry->hours array is allocated such that
bits 0-24 can be referenced:
#define bitstr_size(nbits) \
        ((((nbits) - 1) >> 3) + 1)
#define bit_decl(name, nbits) \
        (name)[bitstr_size(nbits)]
#define FIRST_HOUR      0
#define LAST_HOUR       23
#define HOUR_COUNT      (LAST_HOUR - FIRST_HOUR + 1)
typedef unsigned char bitstr_t;
bitstr_t	bit_decl(hour,   HOUR_COUNT);

So the 'hour' array is:
   unsigned char hour [ 4 ];
(0-32 bits),
and the maximum byte that can be accessed by the 
_bit_byte(_stop);
of bit_nset / bit_set is 3.

By the way, the latest version of cron for RedHat 
is vixie-cron-4.1-9 - try compiling that version (with gcc!).


Comment 3 d.binderman 2004-08-13 14:22:02 EDT
>Use gcc - 

No. I prefer better (IMHO) compilers.

>it appears that whatever compiler you are using is
>not up to the job 

In fact Compaq C is better than gcc in two respects

1. Better front end (as you see above).
2. Better back end (gives fast code).

>- there is no "compaq" compiler shipped with 
>Red Hat Linux.

True, it's a downloadable extra.

Where the Compaq C compiler reports this kind of warning,
100% of the time, it is correct, in my experience.

I wonder if you are compiling the same version of the product
that I did back in 2002 ?


>By the way, the latest version of cron for RedHat 
>is vixie-cron-4.1-9 - try compiling that version (with gcc!).

Not much point doing that, if my bug reports take 18 months to
be answered !

I think I'll be getting my Linux from a more responsive source
in future.

18 months for a bug report is wholly inadequate.


Note You need to log in before you can comment on or make changes to this bug.