[Parted-maintainers] Bug#474822: parted: FTBFS: ../../../../libparted/fs/fat/traverse.c:361: error: array subscript is above array bounds

Colin Watson cjwatson at debian.org
Thu May 29 20:18:55 UTC 2008


tags 474822 patch
user ubuntu-devel at lists.ubuntu.com
usertags 474822 ubuntu-patch intrepid
thanks

On Fri, Apr 11, 2008 at 09:07:18PM +0100, Bradley Smith wrote:
> Patch attached.

> diff -Naur parted-1.7.1.orig/libparted/fs/fat/traverse.c parted-1.7.1/libparted/fs/fat/traverse.c
> --- parted-1.7.1.orig/libparted/fs/fat/traverse.c	2006-05-25 18:29:03.000000000 +0100
> +++ parted-1.7.1/libparted/fs/fat/traverse.c	2008-04-11 20:54:24.000000000 +0100
> @@ -346,20 +346,21 @@
>  void
>  fat_dir_entry_get_name (FatDirEntry*dir_entry, char *result) {
>  	int     i;
> -	char   *src;
> +	char   *src, *ext;
>  
>  	src = dir_entry->name;
> +    ext = (char*)dir_entry->extension;
>  
>  	for (i=0; i<8; i++) {
>  		if (src[i] == ' ' || src[i] == 0) break;
>  		*result++ = src[i];
>  	}
>  
> -	if (src[8] != ' ' && src[8] != 0) {
> +	if (ext[8] != ' ' && ext[8] != 0) {

This is an error; ext points eight bytes further along the FatDirEntry
structure, so this needs to be ext[0] rather than ext[8].

I think it makes sense just to backport the fix from git for this. That
fix has a slight problem, though (I just mailed an additional patch to
parted-devel for it). The attached dpatch builds successfully on Ubuntu
intrepid with gcc-4.3.

Thanks,

-- 
Colin Watson                                       [cjwatson at debian.org]
-------------- next part --------------
#! /bin/sh /usr/share/dpatch/dpatch-run
## array-bounds.dpatch by Colin Watson <cjwatson at ubuntu.com>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Backport from git (and also an extra tweak to avoid a signed/unsigned
## DP: warning):
## DP:
## DP: commit 8bd3645d7c184ac6a4076414b469ece15fbcccde
## DP: Author: Jim Meyering <meyering at redhat.com>
## DP: Date:   Mon Jan 14 20:01:39 2008 +0100
## DP:
## DP:     Avoid new error detected by very latest gcc.
## DP:
## DP:     * libparted/fs/fat/traverse.c (fat_dir_entry_get_name): Don't reference
## DP:     ->extension[3] via a pointer into the prior ->name[8] struct member.
## DP:     gcc detected the reference beyond end of name[8].
## DP:     Declare first parameter to be "const".
## DP:     * libparted/fs/fat/traverse.c: Update prototype.

@DPATCH@
diff -urNad parted-1.7.1~/libparted/fs/fat/traverse.c parted-1.7.1/libparted/fs/fat/traverse.c
--- parted-1.7.1~/libparted/fs/fat/traverse.c	2006-05-25 18:29:03.000000000 +0100
+++ parted-1.7.1/libparted/fs/fat/traverse.c	2008-05-29 21:13:21.000000000 +0100
@@ -344,22 +344,24 @@
     decrypts silly DOS names to FILENAME.EXT
 */
 void
-fat_dir_entry_get_name (FatDirEntry*dir_entry, char *result) {
-	int     i;
-	char   *src;
+fat_dir_entry_get_name (const FatDirEntry *dir_entry, char *result) {
+	size_t  i;
+	const char *src;
+	const char *ext;
 
 	src = dir_entry->name;
 
-	for (i=0; i<8; i++) {
+	for (i=0; i < sizeof dir_entry->name; i++) {
 		if (src[i] == ' ' || src[i] == 0) break;
 		*result++ = src[i];
 	}
 
-	if (src[8] != ' ' && src[8] != 0) {
+	ext = (const char *) dir_entry->extension;
+	if (ext[0] != ' ' && ext[0] != 0) {
 		*result++ = '.';
-		for (i=8; i<11; i++) {
-			if (src[i] == ' ' || src[i] == 0) break;
-			*result++ = src[i];
+		for (i=0; i < sizeof dir_entry->extension; i++) {
+			if (ext[i] == ' ' || ext[i] == 0) break;
+			*result++ = ext[i];
 		}
 	}
 
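Review bot: `result` is written with no length argument, and the comment kept as context above the signature (`decrypts silly DOS names to FILENAME.EXT`) does not say how large the buffer must be. With the new `sizeof`-bounded loops the function emits at most `sizeof dir_entry->name` characters, one `.`, and `sizeof dir_entry->extension` characters, plus whatever terminator the tail of the function writes; the body continues outside the hunk, so the terminator is assumed rather than visible. The entry bytes presumably come from an on-disk directory, so I would state the contract in that comment, for example `result must have room for sizeof name + 1 + sizeof extension + 1 bytes (13 for an 8.3 entry)`. No callers are visible here, so their buffer sizes should be checked against that bound.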
diff -urNad parted-1.7.1~/libparted/fs/fat/traverse.h parted-1.7.1/libparted/fs/fat/traverse.h
--- parted-1.7.1~/libparted/fs/fat/traverse.h	2006-05-25 18:29:03.000000000 +0100
+++ parted-1.7.1/libparted/fs/fat/traverse.h	2008-05-29 21:13:12.000000000 +0100
@@ -73,7 +73,7 @@
 extern int fat_dir_entry_is_file (FatDirEntry* dir_entry);
 extern int fat_dir_entry_is_system_file (FatDirEntry* dir_entry);
 extern int fat_dir_entry_is_directory (FatDirEntry* dir_entry);
-extern void fat_dir_entry_get_name (FatDirEntry* dir_entry, char* result);
+extern void fat_dir_entry_get_name (const FatDirEntry* dir_entry, char* result);
 extern int fat_dir_entry_is_active (FatDirEntry* dir_entry);
 extern int fat_dir_entry_has_first_cluster (FatDirEntry* dir_entry,
 					    PedFileSystem* fs);

