On Sunday, 27 January 2013, at 18:10:00, Pali Rohár wrote:
> On Saturday 19 January 2013 18:41:38 Tomáš Trnka wrote:
> > > On Wednesday, 16 January 2013, at 15:08:19, Pali Rohár wrote:
> > > > Hello,
> > > >
> > > > last kopete in svn cannot be compiled with gcc 4.7 and -O2
> > > > due to some problem with memset (compiler/linker thinks
> > > > that sometimes third arg len can be zero).
> > >
> > > Has a bug for this been reported to the gcc devels?
> >
> > Hello all,
> >
> > note that this is certainly not a bug in gcc, but a sign of a
> > real bug in Kopete:
> >
> > int pos, len, i;
> >
> > pos = ( text.size() + 10 ) % 8;
> >
> > if( pos )
> >     pos = 8 - pos;
> >
> > text.size returns an int here, so if the value is sufficiently
> > large (close to INT_MAX), integer overflow will result in a
> > negative value of pos. Subtracting that from 8 leads to pos > 8
> > and the memset subsequently overruns the allocated
> > eight-byte buffer. (Additionally, text.size() can be set to
> > an arbitrary – possibly negative – value using
> > ByteArray::setSize()).
> >
> > Wrapping the memset in if (pos) doesn't do absolutely anything
> > about the real problem, it just silences the warning. I'm not
> > familiar with the code in question to suggest a real fix, but
> > possibly clamping pos to 0 if negative would do the trick.
> >
> > Best regards,
> >
> > 2T
>
> At least that patch fixes compilation. The problem is in the qq plugin,
> so it can happen only for users of the qq protocol.
>
> Will the patch be included in KDE4.10?

Can we get the proper fix based on Tomáš's analysis?

Cheers,
  Albert

_______________________________________________
kopete-devel mailing list
kopete-devel@kde.org
https://mail.kde.org/mailman/listinfo/kopete-devel
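
The padding arithmetic discussed in this thread, as an added example that is not part of the original messages or of Kopete's code: it runs the quoted computation on a negative size (the `setSize()` case) next to a variant that validates the size first. The function names and the reject-with-`-1` policy are assumptions for illustration; the near-`INT_MAX` input is rejected rather than computed, because signed overflow is undefined behaviour in C.

```c
#include <limits.h>
#include <stdio.h>

/* Padding length as computed in the snippet quoted in the thread. */
static int pad_len_as_posted(int size)
{
    int pos = (size + 10) % 8;   /* signed %: result takes the dividend's sign */
    if (pos)
        pos = 8 - pos;           /* negative pos makes this larger than 8 */
    return pos;
}

/* Hypothetical hardened variant: returns 0..7, or -1 if size is unusable. */
static int pad_len_checked(int size)
{
    if (size < 0 || size > INT_MAX - 10)
        return -1;               /* reject before the addition can overflow */
    return (8 - (size + 10) % 8) % 8;
}

int main(void)
{
    /* Constructed sizes; -13 stands for a value set through setSize(). */
    const int sizes[] = { 0, 6, 13, -13 };
    for (size_t i = 0; i < sizeof sizes / sizeof sizes[0]; i++)
        printf("size=%d posted=%d checked=%d\n", sizes[i],
               pad_len_as_posted(sizes[i]), pad_len_checked(sizes[i]));
    return 0;
}
```

For size -13 the posted computation yields 11, which is more than the eight-byte buffer the memset writes into, while the checked variant refuses the input.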