Using the GNU address sanitizer ("asan") I find that the C++
widgets/mainwindow.cpp calls the f90 function jpl_setup to pass in the
absolute path filename to EPH data.  C++ assumes a particular
implementation of f90 dynamically sized arrays, and passes 2 args to
jpl_setup, namely the char* and the length.  The caller uses the wrong
length (bug!); the callee ignores the given length (bug!). What the callee
does is just copy 256 bytes, regardless of how many bytes the caller has
given the callee.  Thus, if the filename is < 256 bytes, memory beyond the
filename is copied also.  That's a bug.

I don't know the Qt idioms, nor the f90 idioms involving dimension,
allocatable, etc. to make a portable, safe, correct implementation.  My sleazy
solution assumes that the JPLEPH file name is <= 255 bytes long, and if
not, I prepend "/" to the absolute path filename (this won't work on
Windows).

@@ -1103,6 +1103,9 @@ MainWindow::MainWindow(QDir const& temp_directory,
bool multiple,
   update_foxLogWindow_rate(); // update the rate on the window

   QString jpleph = m_config.data_dir().absoluteFilePath("JPLEPH");
+  while (jpleph.length() < 255) {
+      jpleph.push_front("/");
+  }
   jpl_setup_(const_cast<char *>(jpleph.toLocal8Bit().constData()),256);
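Review bot: the added while loop tests jpleph.length(), which counts QString characters, while the call below it passes toLocal8Bit() bytes together with a hard-coded 256, so the padding only lines up for paths made of single-byte characters, and a path already longer than 255 goes through unchanged with the same 256. Suggest holding the QByteArray in a local and passing its size() instead of the literal, with jpl_setup changed to honour that length; that removes the need for the "/" padding, which the message itself says does not work on Windows.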
_______________________________________________
wsjt-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/wsjt-devel
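
The over-read described in the message, modelled in plain C as an added example (not code from the post or from the project): one callee ignores the length it is given and always copies 256 bytes, the other reads only the bytes the caller owns and blank-pads the rest. The function names, the sample path and the neighbouring bytes are constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

#define EPH_NAME_LEN 256  /* fixed copy size the message describes */

/* Models the callee behaviour from the message: the length argument is
 * ignored and 256 bytes are always read from the caller's pointer. */
void setup_ignores_len(char dst[EPH_NAME_LEN], const char *src, size_t len)
{
    (void)len;
    memcpy(dst, src, EPH_NAME_LEN);
}

/* Hypothetical hardened callee: reads at most len bytes, blank-pads the
 * remainder (fixed-length Fortran character semantics) and rejects names
 * that do not fit instead of truncating them silently. */
int setup_honours_len(char dst[EPH_NAME_LEN], const char *src, size_t len)
{
    if (src == NULL || len > EPH_NAME_LEN)
        return -1;
    memcpy(dst, src, len);
    memset(dst + len, ' ', EPH_NAME_LEN - len);
    return 0;
}

/* Constructed caller memory: a short path followed by unrelated bytes, all
 * inside one 256-byte array so the demonstration itself stays in bounds. */
static const char PATH[] = "/opt/data/JPLEPH";     /* constructed sample */
static const char NEIGHBOUR[] = "UNRELATED-BYTES"; /* constructed sample */

/* Returns 1 if the bytes stored after the path reached dst, 0 otherwise. */
int neighbour_copied(int honour_len)
{
    char caller[EPH_NAME_LEN] = {0};
    char dst[EPH_NAME_LEN];
    size_t n = strlen(PATH);

    memcpy(caller, PATH, n);
    memcpy(caller + n + 1, NEIGHBOUR, sizeof NEIGHBOUR);
    if (honour_len)
        setup_honours_len(dst, caller, n);    /* caller passes the real length */
    else
        setup_ignores_len(dst, caller, 256);  /* caller passes the literal 256 */
    return memcmp(dst + n + 1, NEIGHBOUR, strlen(NEIGHBOUR)) == 0;
}
```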