[Bug-cpio] insufficient size of variable in util.c according LFS

bug-cpio

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug-cpio] insufficient size of variable in util.c according LFS

From:	Ladislav Michnovič
Subject:	[Bug-cpio] insufficient size of variable in util.c according LFS
Date:	Fri, 8 Jun 2007 17:39:25 +0200

Hello.
I was going through a LFS patch and comparing to yesterdays CVS
version of cpio.
I can see in file util.c:441 in function
------------------------
copy_files_tape_to_disk (int in_des, int out_des, off_t num_bytes)
{
 long size;
 long k;
------------------------

"k" and "size" are long, but "num_bytes" is off_t

The size of off_t is 8 when compiled with -D_FILE_OFFSET_BITS=64 and
the size of long is only 4 on 32 bit arch.
I think option -D_FILE_OFFSET_BITS=64 is used now commonly to enable LFS.

But I see few lines below :
--------------------------------
size = (input_size < num_bytes) ? input_size : num_bytes;
     if (crc_i_flag)
       {
         for (k = 0; k < size; ++k)
--------------------------------

IMHO this could cause an overflow in certain cases.
This issue is also in other functions in that file.

Regards Ladislav.

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug-cpio] insufficient size of variable in util.c according LFS, Ladislav Michnovič <=
- Re: [Bug-cpio] insufficient size of variable in util.c according LFS, Sergey Poznyakoff, 2007/06/13

Prev by Date: Re: [Bug-cpio] unable to squash perms while creating a cpio archive
Next by Date: [Bug-cpio] bug in cpio
Previous by thread: Re: [Bug-cpio] What am I doing wrong?
Next by thread: Re: [Bug-cpio] insufficient size of variable in util.c according LFS
Index(es):
- Date
- Thread