I was having a pretty productive day finding and fixing those two arcane bugs, I gather :-) I'll commit them right away. Looking into the array bounds problem is critical. Drew had some ideas about the list.c implementation he considered rather obvious. I suppose that's his inner teacher talking, leaving the actual solution to the student....

All I can come up with is adding to list.c:105

tlist->start->nextnode=NULL;

so tlist->start is never without a nextnode field.

Or better, fully initialize a struct element * before assigning it to
tlist->start.

How about:

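/* build the new node completely before it becomes reachable from the list */
struct element *new = (struct element *)my_malloc(sizeof(*new));
new->data = (void *)my_malloc(dsize);
new->data = memcpy(new->data,data,dsize);
new->dsize = dsize;
/* old head (NULL for an empty list) becomes the successor */
new->nextnode = tlist->start;
tlist->start = new;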

I left out the return value checks on the mallocs, for clarity's sake.


But I'm still unable to reproduce this bug, which makes it rather difficult to 
track down.

Off to some committing and testing.


Sean Chittenden wrote:
I want to test both fixes (esp the last one) a bit more before committing them. But you might want to go ahead with 2.0.1 anyway.


Is the array bounds problem fixed? I've only seen a patch for pop3, not imap. :( -sc



--
  ________________________________________________________________
  Paul Stevens                                  mailto:[EMAIL PROTECTED]
  NET FACILITIES GROUP                     PGP: finger [EMAIL PROTECTED]
  The Netherlands________________________________http://www.nfg.nl
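
Added example, not part of the original message or of the project's code: the head insertion proposed above with the allocation checks put back in, so that tlist->start never points at a node whose nextnode is uninitialized. The struct layout, plain malloc in place of my_malloc, and the function names are assumptions made for illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Field names follow the message; the exact layout is an assumption. */
struct element {
    void *data;
    size_t dsize;
    struct element *nextnode;
};

struct list {
    struct element *start;
};

/* Hypothetical helper: push a copy of data onto the front of tlist.
 * Returns the new node, or NULL on allocation failure, in which case
 * the list is left exactly as it was. */
struct element *list_push_front(struct list *tlist, const void *data, size_t dsize)
{
    struct element *node = malloc(sizeof(*node));
    if (node == NULL)
        return NULL;

    node->data = malloc(dsize ? dsize : 1);   /* malloc(0) may return NULL */
    if (node->data == NULL) {
        free(node);
        return NULL;
    }
    if (dsize)
        memcpy(node->data, data, dsize);
    node->dsize = dsize;
    node->nextnode = tlist->start;            /* NULL for an empty list */

    tlist->start = node;                      /* publish only when every field is set */
    return node;
}

/* Walk the list; this terminates only because every nextnode is initialized. */
size_t list_length(const struct list *tlist)
{
    size_t n = 0;
    for (const struct element *e = tlist->start; e != NULL; e = e->nextnode)
        n++;
    return n;
}
```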
