bug-xboard

Re: [Bug-XBoard] Re: Winboard


From: Daniel Mehrmann
Subject: Re: [Bug-XBoard] Re: Winboard
Date: Tue, 27 Jan 2004 02:43:27 +0100
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7a) Gecko/20040124

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Leo Dijksman wrote:

Hi Leo,

I will look for more possible buffer overflows this weekend. But that's
difficult and takes a long time.  I also want to analyze your WB crash. Can
you send me the PGN or FEN file of the game which you loaded with WinBoard?

thanks


| I have reproduced the 'problem' here with Amy v0.8.4 and WinBoard 4.2.7,
| it's reproducible with all older versions of Amy (not with v0.8.6 which is a
| "fix" to this (at my request Thorsten increased the maximum output of Amy)) and
| also with Waster and (very probably) Muriel, maybe more but I have not tested
| them.
|
| I have a debug file attached where I loaded one of the games of Amy 0.8.3
| where WinBoard crashed, after loading the game I set Amy to analyse and
| WinBoard runs into problems as soon as the long PV appears in the debug file.
| From that moment WinBoard uses more than 50% of my CPU and then crashes
| after around 15 seconds.
|
| It's reproducible on both Win2000Pro and WinXP Pro, using WinBoard 4.2.7
| and all 3, 4 and 5 men EGTBs (Nalimov), it happens in all cases when the PV
| sent by the engine is _too_ long!
|
| I hope this helps, if you need more info please let me know!
|
| Leo.
|
| ----- Original Message -----
| From: "Tim Mann" <address@hidden>
| To: "Leo Dijksman" <address@hidden>
| Cc: <address@hidden>; <address@hidden>
| Sent: Sunday, January 25, 2004 2:19 AM
| Subject: Re: Winboard
|
|
|
|>WinBoard 4.2.7 has a fix for one buffer overflow bug (contributed by
|>Daniel Mehrmann), but there are probably more still left.  I don't know
|>if anyone else has plans to work on buffer overflows, but I've copied
|>this message to address@hidden so that the other developers will be
|>aware of the issue too.
|>
|>If you can be more specific about exactly what engines cause the crashes
|>and when, that would help anyone who finds time to work on them.  A
|>WinBoard.debug file would help too.  Thanks.
|>
|>On Sun, 28 Dec 2003 23:58:12 +0100, "Leo Dijksman" <address@hidden> wrote:
|>
|>>Hello Tim,
|>>
|>>I have a question for you :)
|>>I have in the past taken some engines out of my WBEC Ridderkerk tourney
|>>because they 'crashed' WinBoard, now I again have problems with one
|>>and it seems to have to do with point 353 on the todo list:
|>>================================================
|>>**353. WinBoard can crash when the engine outputs very long PV lines
|>>(or debug output that looks like a PV).  In particular, lines that
|>>start with 4 or more blanks following a "thinking" output line are
|>>treated as continuation lines, and get concatenated into a 512-byte
|>>buffer with no checking for overflow.  Generally we need a lot more
|>>care to avoid buffer overflows inside both xboard and WinBoard.
|>>[Note: changed the buffers to be 5120 bytes as a band-aid.]
|>>=================================================
|>>
|>>My question is if this is something that can/will be fixed in
|>>XBoard/WinBoard
|>>or is it something the engine author has to change in his engine?
|>>If it will be done in XB/WB, can/will you put it high on the todo list
|>>please?
|>>
|>>I think, but I am not sure, that I run into that 'problem' earlier than
|>>other users
|>>because of the pretty long time control on fast computers and also have
|>>ponder=on?
|>>
|>>Thanks in advance for any answer,
|>>
|>>Leo Dijksman.
|>>
|>
|>
|>--
|>Tim Mann  address@hidden  http://tim-mann.org/
|>
|>
|>
|>------------------------------------------------------------------------
|>
|>_______________________________________________
|>Bug-XBoard mailing list
|>address@hidden
|>http://mail.gnu.org/mailman/listinfo/bug-xboard


- --
Daniel Mehrmann
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)

iD8DBQFAFcI+Pt1V5Pj1nvYRArxqAJ9XesuQ1Suy3W+BSXyO2eRpkj2TTACfdhzh
VTpxgeaV1+nDD8UsGL/BF1Y=
=YW3E
-----END PGP SIGNATURE-----
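
Todo item 353, quoted in the message above, describes continuation lines being concatenated into a 512-byte buffer with no overflow check. As an added example (not XBoard/WinBoard source and not part of the original message; the function names and the sample engine lines are constructed for illustration), a bounded append that truncates an over-long PV instead of writing past the end of the buffer:

```c
#include <stdio.h>
#include <string.h>

#define PV_BUF_SIZE 512 /* buffer size named in todo item 353 */

/* Continuation lines start with 4 or more blanks (per item 353). */
static int is_continuation(const char *line)
{
    return strncmp(line, "    ", 4) == 0;
}

/* Append line to the NUL-terminated buf without writing past buf[size-1].
 * Returns 1 if the whole line fit, 0 if it was truncated or dropped. */
static int pv_append(char *buf, size_t size, const char *line)
{
    size_t used = strlen(buf);
    size_t len = strlen(line);
    if (size == 0 || used >= size)
        return 0;
    size_t room = size - used - 1; /* keep one byte for the terminator */
    size_t n = len < room ? len : room;
    memcpy(buf + used, line, n);
    buf[used + n] = '\0';
    return n == len;
}

/* Feed one constructed "thinking" line plus count continuation lines
 * (sample text, not real engine output); returns lines cut short. */
static int pv_demo(char *buf, size_t size, int count)
{
    static const char first[] = " 12  +35  1540  2381094  e2e4 e7e5 g1f3";
    static const char cont[] = "     b8c6 f1b5 a7a6 b5a4 g8f6 e1g1 f8e7";
    int truncated = 0;
    buf[0] = '\0';
    if (!pv_append(buf, size, first))
        truncated++;
    for (int i = 0; i < count; i++)
        if (is_continuation(cont) && !pv_append(buf, size, cont))
            truncated++;
    return truncated;
}

int main(void)
{
    char buf[PV_BUF_SIZE];
    int cut = pv_demo(buf, sizeof buf, 40);
    printf("stored %zu bytes, %d lines truncated\n", strlen(buf), cut);
    return 0;
}
```

Enlarging the buffer only raises the length at which an unchecked concatenation fails; the bounded append holds for any input length because the write is limited by the room left in the buffer.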



