Opened 17 years ago

Last modified 17 years ago

#135 closed defect

Seek and scan may crash when searching EAs

Reported by: Steven Levine Owned by: Steven Levine
Priority: blocker Milestone: Release_3.7
Component: fm/2 base Version: 3.07
Keywords: Cc:

Description (last modified by Steven Levine)

Seek and scan can crash when searching EAs.

P1=00000002  P2=00000008  P3=XXXXXXXX  P4=XXXXXXXX
CS:EIP=005b:12d9390e  CSACC=f0df  CSLIM=ffffffff
SS:ESP=0053:00e3e6e0  SSACC=f0f3  SSLIM=ffffffff
EBP=00e3e75c  FLG=00012287
EAX=00080900  EBX=00400000  ECX=00403744  EDX=00000000
ESI=00400000  EDI=00000000
DS=0053  DSACC=f0f3  DSLIM=ffffffff
ES=0053  ESACC=f0f3  ESLIM=ffffffff
FS=150b  FSACC=00f3  FSLIM=00000030
GS=0000  GSACC=****  GSLIM=*******

This is in _nfree.

# dd ss:esp

0053:00e3e6e0  00000000 00403748 00400000 12d8cbc5
0053:00e3e6f0  00e3e9f8 00403730 004037f8 00000042
0053:00e3e700  12db3c34 0000fffe 00000009 12dbdfa8
0053:00e3e710  003f1fa0 1ffc3db8 00000001 0000000a
0053:00e3e720  0000002a 0000002c 0000000a 00000000
0053:00e3e730  00d10030 000001d3 00000000 00e3e774
0053:00e3e740  00e40c98 0040377c 00000000 0000fffd
0053:00e3e750  00400012 00e3e700 00e3e898 00e3e898

Looking at the stack finds

# ln %12d8cbc5
%12d8cb80 FM3DLL _nfree_ + 45
# ln %12db3c34
%12db3c22 FM3DLL Free_FEAList_ + 12
# ln %12dbdfa8
%12dbd5b1 FM3DLL GrepThread_ + 9f7
# ln %1ffc3db8

I suspect the error is in GetFileEAs(). There's probably a one character overflow because the code is not properly accounting for the extra character copied when attempting to place a nul at the end of each EA.

The reason this is showing up is most likely because VAC defaulted to pack(4), IIRC, and OpenWatcom defaults to pack(1).
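An added C example, not fm/2's own code, showing the sizing mistake the ticket suspects beside its fix, plus the padding arithmetic behind the pack(4) versus pack(1) remark; every function name here is hypothetical and the real FEA layout is not modelled.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helpers, not fm/2 code. They model the mistake the ticket
 * suspects in GetFileEAs(): sizing a buffer for an EA value's cbValue bytes
 * while writing cbValue + 1 (value plus terminating nul). */

/* Buggy sizing: room for the value only; the appended nul lands one past. */
size_t ea_buf_size_buggy(uint16_t cbValue) { return cbValue; }

/* Fixed sizing: account for the terminator up front. */
size_t ea_buf_size_fixed(uint16_t cbValue) { return (size_t)cbValue + 1; }

/* Copy an EA value into out as a C string. Returns 0 on success, -1 if the
 * value plus nul would not fit. The bounds check turns a silent one-byte heap
 * overrun (which only surfaces later, e.g. in _nfree) into a clean failure. */
int ea_copy_value(char *out, size_t outsize, const char *value, uint16_t cbValue)
{
    if (out == NULL || value == NULL || outsize < (size_t)cbValue + 1)
        return -1;
    memcpy(out, value, cbValue);
    out[cbValue] = '\0';
    return 0;
}

/* Padding bytes that follow `payload` bytes when the enclosing object is
 * rounded up to `pack` alignment. With pack(4) a one-byte overrun usually
 * lands in this padding unnoticed; with pack(1) there is none, so the byte
 * hits whatever the heap placed next (the VAC vs OpenWatcom hypothesis). */
size_t ea_trailing_slack(size_t payload, size_t pack)
{
    if (pack == 0) return 0;
    return (pack - payload % pack) % pack;
}

/* Allocate with the given sizing rule, copy, and report whether the result is
 * a correct nul-terminated copy (1) or the copy was refused (0). */
int ea_dup_matches(const char *value, uint16_t cbValue, size_t (*size_fn)(uint16_t))
{
    size_t n = size_fn(cbValue);
    char *buf = malloc(n);
    int ok = 0;
    if (buf != NULL && ea_copy_value(buf, n, value, cbValue) == 0)
        ok = (strlen(buf) == cbValue && memcmp(buf, value, cbValue) == 0);
    free(buf);
    return ok;
}
```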

Change History (2)

comment:1 by Steven Levine, 17 years ago

Status: new → assigned

comment:2 by Steven Levine, 17 years ago

Description: modified