Public bug reported:
Thought I ought to make you aware of some problems with SNACC's (C-lib)
ExpBufs, since finding them in our company's own branch of SNACC. (I've
checked, and they're still present in yours.)
The basic idea of ExpBufs is that there’s a chain of 1024-byte blocks of
memory. The thing the original author failed to consider is that
there’s a difference between leaving the “current” pointer at the end of
one block at the end of an operation, and leaving it at the beginning of
the next – they leave it on different sides after reading and after
writing. So a write then a write (or a read then a read) will always be
fine, but doing one then the other will fail if the first ends on a
1024-byte boundary. (I’ve only fixed this one way round in our
codebase, since we only ever write then read everything back.)
The effect of this to the outside world is that when you try to compose
an ASN.1 message that should be a multiple of 1024 bytes, you'll get
back something that has the correct length but not necessarily the
correct contents.
The right fix is probably to make sure that the "current" pointer ends
up in a consistent place after all operations that end on a boundary.
My fix for our codebase is less right and more quick, so I won't include
it here!
** Affects: snacc (Ubuntu)
Importance: Undecided
Status: New
** Tags: asn.1 snacc
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1537085
Title:
SNACC ExpBuf bugs
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/snacc/+bug/1537085/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
