Full_Name: Peter Helfer Version: 1.2.9 OS: Solaris URL: Submission from: (NULL) (192.75.88.40) In libraries/liblber/io.c, function get_tag, if tag is 'i' bytes long and i > 1, then it is read into the leftmost i bytes of unsigned long tag. Then, /* want leading, not trailing 0's */ return( tag >> (sizeof(long) - i - 1) ); This doesn't work, because (a) rhs of >> specifies bits, not bytes (b) >> shifts from msb to lsb, not from left to right in memory (c) >> may fill either with 1s or 0s if msb is 1 (architecture dependent) (d) the result needs to be converted to host byte order What's needed is something like: /* shift the bytes to the right */ if (i < sizeof(long)) { char *dest = (char *) &tag + sizeof(long) - 1; char *src = (char *) &tag + i - 1; while (src >= (char *) &tag) { *dest-- = *src--; } while (dest >= (char *) &tag) { *dest-- = 0; } } /* convert from network to host byte-order */ tag = ntohl(tag);
changed notes changed state Open to Suspended moved from Incoming to Software Bugs
get_tag is ifdef'ed away. I, however, believe that ber_get_tag() has similiar problems. I've committed a simple fix to devel and will backport to 1.2 before next release. Kurt At 01:45 PM 4/17/00 GMT, peter@cogno.com wrote: >Full_Name: Peter Helfer >Version: 1.2.9 >OS: Solaris >URL: >Submission from: (NULL) (192.75.88.40) > > >In libraries/liblber/io.c, function get_tag, if tag is 'i' bytes long >and i > 1, then it is read into the leftmost i bytes of unsigned long tag. >Then, > > /* want leading, not trailing 0's */ > return( tag >> (sizeof(long) - i - 1) ); > >This doesn't work, because > (a) rhs of >> specifies bits, not bytes > (b) >> shifts from msb to lsb, not from left to right in memory > (c) >> may fill either with 1s or 0s if msb is 1 (architecture dependent) > (d) the result needs to be converted to host byte order > >What's needed is something like: > >/* shift the bytes to the right */ >if (i < sizeof(long)) { > char *dest = (char *) &tag + sizeof(long) - 1; > char *src = (char *) &tag + i - 1; > > while (src >= (char *) &tag) { > *dest-- = *src--; > } > while (dest >= (char *) &tag) { > *dest-- = 0; > } >} > >/* convert from network to host byte-order */ >tag = ntohl(tag); > > > >
changed state Suspended to Closed
Needs review