Bug 132 - BUFSIZ/BUFSIZE mixing in libX11
Status: CLOSED FIXED
Alias: None
Product: xorg
Classification: Unclassified
Component: Lib/Xlib
Version: git
Hardware: x86 (IA32) FreeBSD
: high normal
Assignee: Jim Gettys
Reported: 2003-10-29 23:24 UTC by Eric Anholt
Modified: 2019-12-09 06:56 UTC (History)



Attachments
Patch to Xorg CVS head of 3/20/05 to fix both issues noted (1.39 KB, patch)
2005-03-20 20:53 UTC, Alan Coopersmith

Description Eric Anholt 2003-10-29 23:24:21 UTC
While looking at malloc(0) issues, I noticed that in src/ErrDes.c, there is an
array of length BUFSIZ on the stack, but it gets used if the length to be put in
it is less than BUFSIZE.  BUFSIZE is defined to be 2048 in the X11 headers, but
the only definition of BUFSIZ I could find was in stdio.h, where it was 1024. 
Should the BUFSIZ usages get changed over to BUFSIZE?
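
Added example (not code from libX11 or from this report): it counts the lengths that a bound taken from one constant sends into an array sized by another, using the 2048 and 1024 values quoted above, and shows the same stack-or-heap pattern with the bound taken from `sizeof`. The names `X_BUFSIZE`, `STACK_LEN`, `join_key` and the "name.type" join are assumptions made for the illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-ins using the values quoted in the report. */
#define X_BUFSIZE 2048   /* BUFSIZE as defined in the X11 headers */
#define STACK_LEN 1024   /* BUFSIZ as the reporter found it in stdio.h */

/* Mismatched check: bound comes from a different constant than the array length. */
static int mismatched_accepts(size_t tlen) { return tlen <= X_BUFSIZE; }

/* Consistent check: bound is taken from the array itself. */
static int sizeof_accepts(size_t tlen) {
    char temp[STACK_LEN];
    return tlen <= sizeof(temp);
}

/* Number of lengths a check routes to the stack array although they do not fit. */
static size_t unsafe_lengths(int (*accepts)(size_t)) {
    size_t n = 0;
    for (size_t tlen = 0; tlen <= 2 * X_BUFSIZE; tlen++)
        if (accepts(tlen) && tlen > STACK_LEN)
            n++;
    return n;
}

/* Hardened stack-or-heap pattern; joining as "name.type" is an assumption.
 * Returns the string length written, or -1 if allocation fails. */
static long join_key(const char *name, const char *type, int *used_heap) {
    char temp[STACK_LEN];
    size_t tlen = strlen(name) + strlen(type) + 2;   /* separator + NUL */
    char *tptr = temp;
    *used_heap = tlen > sizeof(temp);
    if (*used_heap && (tptr = malloc(tlen)) == NULL)
        return -1;
    snprintf(tptr, tlen, "%s.%s", name, type);       /* never writes past tlen */
    long written = (long)strlen(tptr);
    if (*used_heap)
        free(tptr);
    return written;
}

int main(void) {
    int heap;
    printf("unsafe lengths, mismatched check: %zu\n", unsafe_lengths(mismatched_accepts));
    printf("unsafe lengths, sizeof check:     %zu\n", unsafe_lengths(sizeof_accepts));
    printf("short key length: %ld\n", join_key("XRequest", "1", &heap));
    return 0;
}
```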
Comment 1 Stuart Anderson 2004-02-19 08:09:32 UTC
Looks like there is a simple fix for this problem pointed out: 
 
diff -c -r3.13 ErrDes.c 
*** ErrDes.c    1 Feb 2004 16:16:03 -0000       3.13 
--- ErrDes.c    19 Feb 2004 16:08:38 -0000 
*************** 
*** 168,174 **** 
      if (db) 
      { 
        tlen = strlen (name) + strlen (type) + 2; 
!       if (tlen <= BUFSIZE) 
            tptr = temp; 
        else 
            tptr = Xmalloc (tlen); 
--- 168,174 ---- 
      if (db) 
      { 
        tlen = strlen (name) + strlen (type) + 2; 
!       if (tlen <= BUFSIZ) 
            tptr = temp; 
        else 
            tptr = Xmalloc (tlen); 
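Review bot: the new bound in `if (tlen <= BUFSIZ)` is still a constant that has to be kept in step by hand with the declaration of `temp`, which is outside this hunk. If `temp` is a char array, writing the test as `if (tlen <= sizeof(temp))` ties the check to the array itself, so a later change to either constant cannot reintroduce a write past the stack buffer. The `Xmalloc (tlen)` branch is unchanged and the lines after it are not shown, so confirm the result is checked for NULL before use and released when `tptr != temp`.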
 
Comment 2 Stuart Anderson 2004-02-19 08:26:08 UTC
Additional interesting improvement here would be a more accurate way of saying
"Is there room in the buffer" and should cause a higher hit rate on using the
existing buffer vs having to allocate a buffer:
  
diff -c -r3.6 XKBSetGeom.c  
*** XKBSetGeom.c        1 Feb 2004 16:16:03 -0000       3.6  
--- XKBSetGeom.c        19 Feb 2004 16:08:39 -0000  
***************  
*** 400,406 ****  
      sz+= _SizeGeomDoodads(geom->num_doodads,geom->doodads);  
      sz+= _SizeGeomKeyAliases(geom);  
      req->length+= (sz/4);  
!     if (sz<BUFSIZE) {  
        BufAlloc(char *,wire,sz);  
        tbuf= NULL;  
      }  
--- 400,406 ----  
      sz+= _SizeGeomDoodads(geom->num_doodads,geom->doodads);  
      sz+= _SizeGeomKeyAliases(geom);  
      req->length+= (sz/4);  
!     if (sz<(dpy->bufmax-dpy->buffer)) {  
        BufAlloc(char *,wire,sz);  
        tbuf= NULL;  
      }  
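Review bot: in `if (sz<(dpy->bufmax-dpy->buffer))` the bound is measured from `dpy->buffer`, so by the field names it reads as the total size of the output buffer rather than the space left after data already queued. Add a comment saying which of the two is intended and that `BufAlloc(char *,wire,sz)` copes with a partly filled buffer. The comparison is also between `sz` and a pointer difference, and the declaration of `sz` is outside the hunk, so check that the two have compatible signedness.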
Comment 3 Alan Coopersmith 2005-03-20 20:53:02 UTC
Created attachment 2168
Patch to Xorg CVS head of 3/20/05 to fix both issues noted
Comment 4 Alan Coopersmith 2005-03-20 21:01:20 UTC
Fix committed to Xorg CVS head. Leaving this bug open since it was filed against
the xlibs version of libX11.
Comment 5 Eric Anholt 2006-02-19 01:41:19 UTC
Xlibs is dead.  Let this bug be, as well.

