Re: [Fwd: Re: problem with dictionaries and G__set_class_autoloading_table]

From: Axel Naumann <Axel.Naumann_at_cern.ch>
Date: Mon, 14 May 2007 18:08:24 +0200


Hi Constantin,

we are currently reducing the number of fixed size arrays in CINT. It's a lengthy process, but at some point we will also change the one you mention.

Cheers, Axel.

Constantin Loizides wrote:
> Maybe this is already dealt with, but anyways, the following two
> strcpy/buffer problems are discussed on the CMS mailing lists.
> Constantin
>
>
> -------- Original Message --------
> From: Chris Jones <cdj_at_mail.lns.cornell.edu>
> Subject: Re: problem with dictionaries and G__set_class_autoloading_table
>
>
> *** Discussion title: Framework and Edm Development
>
> Hi Andrea,
> If one does a search of the ROOT code you'll find a number of
> instances with character buffers which are set at compile time to the
> size 1024. I just found one such incident,
> http://root.cern.ch/lxr/source/cint7/src/Shadow.cxx#127
>
> I believe a 'Shadow' class is used to handle storage of classes
> which do not inherit from TObject (which is true for all CMS data
> objects) so I think this routine would be called. As you can see,
> the buffer assumes that a type name will be less than 1024 and does
> no check that the call to strcpy will not go beyond that length.
> Therefore this looks like a candidate for your bug.
>
> If you can, it would be great if you could run 'valgrind' on your job
> since valgrind is very good at finding buffer overflows.
>
> Chris
>
> -------- Original Message --------
>
> Hi Andrea,
> Another possible candidate is
>
> http://root.cern.ch/lxr/source/meta/src/TCint.cxx#1006
>
> Chris
>
>
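Below is a small C illustration of the pattern Chris describes in the quoted mail: a fixed 1024-byte stack buffer filled by strcpy/strcat with no length check, placed next to a version that refuses names that would not fit. It is an added example, not ROOT or CINT code; the buffer size, the `Shadow_` prefix, the function names and the sample type names are assumptions chosen to mimic the thread's description.

```c
#include <stdio.h>
#include <string.h>

#define TYPENAME_BUF 1024          /* fixed size mentioned in the thread */
#define SHADOW_PREFIX "Shadow_"    /* assumed prefix, illustration only */

/* "Before": the pattern under discussion.  strcpy/strcat trust that the
 * type name fits into buf[]; a name longer than about 1016 bytes writes
 * past the end of the array.  Kept only as the defective reference;
 * never feed it untrusted input. */
int shadow_name_unchecked(const char *type_name, char *out, size_t out_len)
{
    char buf[TYPENAME_BUF];
    strcpy(buf, SHADOW_PREFIX);
    strcat(buf, type_name);            /* unbounded: overflows if too long */
    snprintf(out, out_len, "%s", buf);
    return 0;
}

/* "After": compute the required length first, refuse anything that does
 * not fit, and only then copy with an explicit bound.
 * Returns 0 on success, -1 if the name is too long (caller must handle). */
int shadow_name_checked(const char *type_name, char *out, size_t out_len)
{
    char buf[TYPENAME_BUF];
    size_t need = strlen(SHADOW_PREFIX) + strlen(type_name) + 1; /* +NUL */
    if (need > sizeof buf)
        return -1;                      /* would overflow buf[]: refuse */
    int n = snprintf(buf, sizeof buf, "%s%s", SHADOW_PREFIX, type_name);
    if (n < 0 || (size_t)n >= sizeof buf)
        return -1;                      /* truncated or error: refuse */
    if ((size_t)n + 1 > out_len)
        return -1;                      /* caller's buffer too small */
    memcpy(out, buf, (size_t)n + 1);    /* bounded copy incl. terminator */
    return 0;
}

/* Longest type name the checked version accepts (buffer minus prefix
 * minus the terminating NUL). */
size_t shadow_name_max_len(void)
{
    return TYPENAME_BUF - strlen(SHADOW_PREFIX) - 1;
}

int main(void)
{
    char out[TYPENAME_BUF];
    char long_name[TYPENAME_BUF + 64];      /* constructed oversized name */
    memset(long_name, 'A', sizeof long_name - 1);
    long_name[sizeof long_name - 1] = '\0';

    int rc = shadow_name_checked("TObject", out, sizeof out);
    printf("short name: rc=%d out=%s\n", rc, out);
    rc = shadow_name_checked(long_name, out, sizeof out);
    printf("long name : rc=%d (rejected)\n", rc);
    return 0;
}
```

The checked version fails closed: an oversized name produces an error return instead of a silent stack write. The unchecked version's out-of-bounds write is the kind of defect that AddressSanitizer (`-fsanitize=address`) reports at the offending instruction, which complements the valgrind run suggested in the mail.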
Received on Mon May 14 2007 - 18:08:38 CEST

This archive was generated by hypermail 2.2.0 : Mon May 14 2007 - 23:50:01 CEST