This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug libc/6461] New: else block bug introduced in iconv/gconv_simple.c@1.60

From: "bugs at juliano dot info" <sourceware-bugzilla at sourceware dot org>
To: glibc-bugs at sources dot redhat dot com
Date: 26 Apr 2008 21:38:34 -0000
Subject: [Bug libc/6461] New: else block bug introduced in iconv/gconv_simple.c@1.60
Reply-to: sourceware-bugzilla at sourceware dot org

There is an old bug introduced back in 2004 in revision 1.60 of
iconv/gconv_simple.c that remains until today in the libc sources. Someone
should review this diff and any other changes committed together for similar
mistakes.

http://sources.redhat.com/cgi-bin/cvsweb.cgi/libc/iconv/gconv_simple.c.diff?r1=1.59&r2=1.60&cvsroot=glibc

The relevant parts are:

@@ -808,7 +820,8 @@
       }						      \
     else						      \
       /* It's an one byte sequence.  */		      \
-      *((uint32_t *) outptr)++ = *inptr++;		      \
+      *((uint32_t *) outptr) = *inptr++;		      \
+      outptr += sizeof (uint32_t);			      \
   }
 #define LOOP_NEED_FLAGS
 #include <iconv/loop.c>
@@ -838,7 +851,8 @@
       }						      \
     else						      \
       /* It's an one byte sequence.  */		      \
-      *outptr++ = *((const uint32_t *) inptr)++;	      \
+      *outptr++ = *((const uint32_t *) inptr);		      \
+      inptr += sizeof (uint32_t);			      \
   }
 #define LOOP_NEED_FLAGS
 #include <iconv/loop.c>

Note that two one-statement else clauses were replace by a pair of statements
each, without adding { ... } around the statements. So, the second statement is
not part of the else clause.

I don't know what are the effects of this bug. I found it by chance while
setting up a very specific environment, where I had to use an old version
(2.3.2) of the GNU libc.

This code is still present in the current version of this file, as of today
(2008-04-26):

http://sources.redhat.com/cgi-bin/cvsweb.cgi/libc/iconv/gconv_simple.c?rev=1.67&content-type=text/x-cvsweb-markup&cvsroot=glibc

-- 
           Summary: else block bug introduced in iconv/gconv_simple.c@1.60
           Product: glibc
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: libc
        AssignedTo: drepper at redhat dot com
        ReportedBy: bugs at juliano dot info
                CC: glibc-bugs at sources dot redhat dot com


http://sourceware.org/bugzilla/show_bug.cgi?id=6461

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]