Re: [PATCH v2] Cygwin: clipboard: Fix a bug in read().

Tue, 07 Dec 2021 22:30:58 -0800 

Brian Inglis wrote:

On 2021-12-07 13:18, Thomas Wolff wrote:


Am 07.12.2021 um 15:23 schrieb Corinna Vinschen:

On Dec  7 23:00, Takashi Yano wrote:

- Fix a bug in fhandler_dev_clipboard::read() that the second read
   fails with 'Bad address'.

Addresses:
   https://cygwin.com/pipermail/cygwin/2021-December/250141.html
---
  winsup/cygwin/fhandler_clipboard.cc | 2 +-
  winsup/cygwin/release/3.3.4         | 6 ++++++
  2 files changed, 7 insertions(+), 1 deletion(-)
  create mode 100644 winsup/cygwin/release/3.3.4


diff --git a/winsup/cygwin/fhandler_clipboard.cc 
b/winsup/cygwin/fhandler_clipboard.cc

index 0b87dd352..ae10228a7 100644
--- a/winsup/cygwin/fhandler_clipboard.cc
+++ b/winsup/cygwin/fhandler_clipboard.cc
@@ -229,7 +229,7 @@ fhandler_dev_clipboard::read (void *ptr, size_t& len)
        if (pos < (off_t) clipbuf->cb_size)
      {
        ret = (len > (clipbuf->cb_size - pos)) ? clipbuf->cb_size - pos : len;
-      memcpy (ptr, &clipbuf[1] + pos , ret);
+      memcpy (ptr, (char *) &clipbuf[1] + pos, ret);



I'm always cringing a bit when I see this kind of expression. Personally
I think (ptr + offset) is easier to read than &ptr[offset], but of course
that's just me.  If you agree, would it be ok to change the above to

   (char *) (clipbuf + 1)

while you're at it?  If you like the ampersand expression more, it's ok,
too, of course.  Please push.



In this specific case I think it's actually more confusing because of the type 
mangling that's intended in the clipbuf.

At quick glance, it looks a bit as if the following were meant:

   (char *) clipbuf + 1

I'd even make it clearer like

+      memcpy (ptr, ((char *) &clipbuf[1]) + pos, ret);
or even
+      memcpy (ptr, ((char *) (&clipbuf[1])) + pos, ret);


If the intent is to address:

     clipbuf + pos + 1

use either that or:

     &clipbuf[pos + 1]

to avoid obscuring the intent,
and add comments to make it clearer!



Boy am I kicking myself for screwing up the original here and opening this can of 
worms.  Brian, you'd be correct if clipbuf was (char *) like anything-buf often 
is.  But here it's a struct defining the initial part of a dynamic char buffer.


So my original
    &clipbuf[1]

to mean "just after the defining struct" was OK.  But the code needed a ptr to 
some char offset after that and

    &clipbuf[1] + pos

was wrong.  Casting the left term to (char *) would fix it.  But I like Corinna's 
choice of

    (char *) (clipbuf + 1)

to be most elegant and clear of all.  Now enclose that in parens and append the 
char offset so the new expression is

    ((char *) (clipbuf + 1)) + pos
and all should be golden.  I don't think extra commentary is needed in code.

(I think.)

..mark






















					Reply via email to