i attach the Projects in case you want to see them.
On Mon, 2011-01-10 at 01:54 +0200, Demosthenes Koptsis wrote: > so i manage to make it work... > > i saw an example that said to use PATH_MAX+1 > https://buildsecurityin.us-cert.gov/bsi/articles/knowledge/coding/760-BSI.html > > so i did > > Example 1) ---------------------- > ' Gambas module file > 'char *getcwd(char *buf, size_t size); > Extern getcwd(buf As Pointer, size As Integer) As Pointer In "libc:6" > > Public Sub Main() > > Dim pFunc As Pointer > Dim pBuf As Pointer > Dim sWorkingDirectory As String > > 'getcwd > pFunc = Alloc(4097) > pBuf = Alloc(4097) > > pFunc = getcwd(pBuf, 4097) > > sWorkingDirectory = Str@(pFunc) > Print sWorkingDirectory > Free(pFunc) > ' Free(pBuf) > Print sWorkingDirectory > > End > ---------------------- > > a) note in 1st example that > Print sWorkingDirectory > Free(pFunc) > Print sWorkingDirectory > > first print gives the correct output > /home/user/Documents/Development/Gambas3/Pointers7 > > and the second after Free(pFunc) gives this > �s&^...@^@^...@^@^...@^@^...@^@^...@ocuments/Development/Gambas3/Pointers7 > > b) if i use Free(pBuf) > i get signal #6 > and > *** glibc detected *** Pointers7: double free or corruption (!prev): > 0x087c94c0 *** > > Example 2 -------------------- > ' Gambas module file > 'char *get_current_dir_name(void); > Extern get_current_dir_name() As Pointer In "libc:6" > > Public Sub Main() > > Dim pFunc As Pointer > Dim sWorkingDirectory As String > > 'get_current_dir_name > pFunc = Alloc(4097) > > pFunc = get_current_dir_name() > > sWorkingDirectory = Str@(pFunc) > Print sWorkingDirectory > Free(pFunc) > > End > ----------------------- > here i get correct results > but if i use Free(pFunc) i get signal #11 > > > > Example 3 --------------------------- > ' Gambas module file > ' Gambas module file > 'char *getwd(char *buf); > Extern getwd(buf As Pointer) As Pointer In "libc:6" > > Public Sub Main() > > Dim pBuf As Pointer > Dim pFunc As Pointer > Dim sWorkingDirectory As String > > 'getwd > pBuf = Alloc(4097) > pFunc = Alloc(4097) > > pFunc = getwd(pBuf) > > sWorkingDirectory = Str@(pFunc) > ' Free(pBuf) > Print sWorkingDirectory > Free(pFunc) > Print sWorkingDirectory > > End > -------------------------- > > here the same with example1. > Free(pBuf) > Free(pFunc) > raises both signal #6 > and > *** glibc detected *** Pointers5: double free or corruption (!prev): > 0x09b0e4a8 *** > > also > Print sWorkingDirectory > Free(pFunc) > Print sWorkingDirectory > > first Print is correct > second after Free is not correct > > /home/user/Documents/Development/Gambas3/Pointers5 > �s&^...@^@^...@^@^...@^@^...@^@^...@ocuments/Development/Gambas3/Pointers5 > > > > On Mon, 2011-01-10 at 01:16 +0200, Demosthenes Koptsis wrote: > > 1) Ok, i found why this function is dangerous. > > https://buildsecurityin.us-cert.gov/bsi/articles/knowledge/coding/760-BSI.html > > "Since the user cannot specify the length of the buffer passed to > > getwd(), use of this function is discouraged. The length of a pathname > > described in {PATH_MAX} is file system-dependent and may vary from one > > mount point to another, or might even be unlimited. It is possible to > > overflow this buffer in such a way as to cause applications to fail or > > possible system security violations." > > > > But here i make a test no real life project. > > > > 2) So, i found in /usr/include/linux/limits.h > > Line Number: 12 > > #define PATH_MAX 4096 /* # chars in a path name including nul */ > > > > is this the value? > > > > i tried this value in my example with no success, i make somewhere else > > the mistake. > > > > --------------- > > ' Gambas module file > > ' Gambas module file > > 'char *getwd(char *buf); > > Extern getwd(buf As Pointer) As Pointer In "libc:6" > > > > Public Sub Main() > > > > Dim pBuf As Pointer > > Dim pFunc As Pointer > > Dim sWorkingDirectory As String > > > > 'getwd > > pBuf = Alloc(4096) > > pFunc = Alloc(4096) > > > > pFunc = getwd(pBuf) > > > > sWorkingDirectory = Str@(pFunc) > > Free(pFunc) > > Free(pBuf) > > Print sWorkingDirectory > > > > End > > --------------- > > > > signal #6 > > > > ---------------- > > *** glibc detected *** Pointers5: double free or corruption (!prev): > > 0x0893f498 *** > > ======= Backtrace: ========= > > /lib/tls/i686/cmov/libc.so.6(+0x6b591)[0x17b591] > > /lib/tls/i686/cmov/libc.so.6(+0x6cde8)[0x17cde8] > > /lib/tls/i686/cmov/libc.so.6(cfree+0x6d)[0x17fecd] > > Pointers5[0x805ed2e] > > Pointers5[0x8076a6a] > > Pointers5[0x8050a99] > > Pointers5[0x80513d8] > > Pointers5[0x80689cd] > > /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe6)[0x126bd6] > > Pointers5[0x804b151] > > ======= Memory map: ======== > > 00110000-00263000 r-xp 00000000 08:04 > > 2019753 /lib/tls/i686/cmov/libc-2.11.1.so > > 00263000-00264000 ---p 00153000 08:04 > > 2019753 /lib/tls/i686/cmov/libc-2.11.1.so > > 00264000-00266000 r--p 00153000 08:04 > > 2019753 /lib/tls/i686/cmov/libc-2.11.1.so > > 00266000-00267000 rw-p 00155000 08:04 > > 2019753 /lib/tls/i686/cmov/libc-2.11.1.so > > 00267000-0026a000 rw-p 00000000 00:00 0 > > 00428000-00438000 r-xp 00000000 08:04 > > 1906544 /usr/local/lib/gambas3/gb.eval.so.0.0.0 > > 00438000-00439000 r--p 0000f000 08:04 > > 1906544 /usr/local/lib/gambas3/gb.eval.so.0.0.0 > > 00439000-0043b000 rw-p 00010000 08:04 > > 1906544 /usr/local/lib/gambas3/gb.eval.so.0.0.0 > > 0043b000-0043c000 rw-p 00000000 00:00 0 > > 0046e000-0046f000 r-xp 00000000 00:00 0 [vdso] > > 006c9000-006ce000 r-xp 00000000 08:04 > > 688690 /usr/lib/libffi.so.5.0.10 > > 006ce000-006cf000 ---p 00005000 08:04 > > 688690 /usr/lib/libffi.so.5.0.10 > > 006cf000-006d0000 r--p 00005000 08:04 > > 688690 /usr/lib/libffi.so.5.0.10 > > 006d0000-006d1000 rw-p 00006000 08:04 > > 688690 /usr/lib/libffi.so.5.0.10 > > 00739000-0075d000 r-xp 00000000 08:04 > > 2019761 /lib/tls/i686/cmov/libm-2.11.1.so > > 0075d000-0075e000 r--p 00023000 08:04 > > 2019761 /lib/tls/i686/cmov/libm-2.11.1.so > > 0075e000-0075f000 rw-p 00024000 08:04 > > 2019761 /lib/tls/i686/cmov/libm-2.11.1.so > > 00aa5000-00ac2000 r-xp 00000000 08:04 1995027 /lib/libgcc_s.so.1 > > 00ac2000-00ac3000 r--p 0001c000 08:04 1995027 /lib/libgcc_s.so.1 > > 00ac3000-00ac4000 rw-p 0001d000 08:04 1995027 /lib/libgcc_s.so.1 > > 00bca000-00bcc000 r-xp 00000000 08:04 > > 2019759 /lib/tls/i686/cmov/libdl-2.11.1.so > > 00bcc000-00bcd000 r--p 00001000 08:04 > > 2019759 /lib/tls/i686/cmov/libdl-2.11.1.so > > 00bcd000-00bce000 rw-p 00002000 08:04 > > 2019759 /lib/tls/i686/cmov/libdl-2.11.1.so > > 00c25000-00c3a000 r-xp 00000000 08:04 > > 2019772 /lib/tls/i686/cmov/libpthread-2.11.1.so > > 00c3a000-00c3b000 r--p 00014000 08:04 > > 2019772 /lib/tls/i686/cmov/libpthread-2.11.1.so > > 00c3b000-00c3c000 rw-p 00015000 08:04 > > 2019772 /lib/tls/i686/cmov/libpthread-2.11.1.so > > 00c3c000-00c3e000 rw-p 00000000 00:00 0 > > 00dc3000-00dc7000 r-xp 00000000 08:04 > > 1906676 /usr/local/lib/gambas3/gb.debug.so.0.0.0 > > 00dc7000-00dc8000 r--p 00003000 08:04 > > 1906676 /usr/local/lib/gambas3/gb.debug.so.0.0.0 > > 00dc8000-00dc9000 rw-p 00004000 08:04 > > 1906676 /usr/local/lib/gambas3/gb.debug.so.0.0.0 > > 00eeb000-00f06000 r-xp 00000000 08:04 1996732 /lib/ld-2.11.1.so > > 00f06000-00f07000 r--p 0001a000 08:04 1996732 /lib/ld-2.11.1.so > > 00f07000-00f08000 rw-p 0001b000 08:04 1996732 /lib/ld-2.11.1.so > > 08048000-0807e000 r-xp 00000000 08:04 1785292 /usr/local/bin/gbx3 > > 0807e000-0807f000 r--p 00035000 08:04 1785292 /usr/local/bin/gbx3 > > 0807f000-08084000 rw-p 00036000 08:04 1785292 /usr/local/bin/gbx3 > > 08084000-08086000 rw-p 00000000 00:00 0 > > 08932000-08953000 rw-p 00000000 00:00 0 [heap] > > b7500000-b7521000 rw-p 00000000 00:00 0 > > b7521000-b7600000 ---p 00000000 00:00 0 > > b768a000-b76c9000 r--p 00000000 08:04 > > 737484 /usr/lib/locale/en_US.utf8/LC_CTYPE > > b76c9000-b77e7000 r--p 00000000 08:04 > > 737483 /usr/lib/locale/en_US.utf8/LC_COLLATE > > b77e7000-b77e9000 rw-p 00000000 00:00 0 > > b77f1000-b77f2000 r--p 00000000 08:04 > > 737500 /usr/lib/locale/en_US.utf8/LC_NUMERIC > > b77f2000-b77f3000 r--p 00000000 08:04 > > 735917 /usr/lib/locale/en_US.utf8/LC_TIME > > b77f3000-b77f4000 r--p 00000000 08:04 > > 735918 /usr/lib/locale/en_US.utf8/LC_MONETARY > > b77f4000-b77f5000 r--p 00000000 08:04 > > 752258 /usr/lib/locale/en_US.utf8/LC_MESSAGES/SYS_LC_MESSAGES > > b77f5000-b77f6000 r--p 00000000 08:04 > > 737523 /usr/lib/locale/en_US.utf8/LC_PAPER > > b77f6000-b77f7000 r--p 00000000 08:04 > > 737455 /usr/lib/locale/en_US.utf8/LC_NAME > > b77f7000-b77f8000 r--p 00000000 08:04 > > 735919 /usr/lib/locale/en_US.utf8/LC_ADDRESS > > b77f8000-b77f9000 r--p 00000000 08:04 > > 735920 /usr/lib/locale/en_US.utf8/LC_TELEPHONE > > b77f9000-b77fa000 r--p 00000000 08:04 > > 737398 /usr/lib/locale/en_US.utf8/LC_MEASUREMENT > > b77fa000-b7801000 r--s 00000000 08:04 > > 1619066 /usr/lib/gconv/gconv-modules.cache > > b7801000-b7802000 r--p 00000000 08:04 > > 735921 /usr/lib/locale/en_US.utf8/LC_IDENTIFICATION > > b7802000-b7806000 rw-p 00000000 00:00 0 > > bfa53000-bfa68000 rw-p 00000000 00:00 0 [stack] > > > > ---------------- > > > > i saw that the first line says > > *** glibc detected *** Pointers5: double free or corruption (!prev) > > > > and i rem the one Free(). > > > > now i get > > -------------- > > gbx3: warning: 1 allocation(s) non freed. > > > > ���...@^@^...@^@^...@^@^...@^@^...@ocuments/Development/Gambas3/Pointers5 > > -------------- > > > > but no crash. > > > > i played with the values of Alloc and i found that in my case a 29 bytes > > are ok but with one Free() or else i get signal #11. > > > > is there a bug with > > Free(pBuf) > > Free(pFunc) > > ? > > > > 3) On the other hand, i have a general question. > > How to deal with char *pointers when their length is not known? > > > > 4) For example i try to use > > 'char *get_current_dir_name(void); > > Extern get_current_dir_name() As Pointer In "libc:6" > > > > again with no success. > > > > in manuall says: > > get_current_dir_name() will malloc(3) an array big enough to hold the > > absolute pathname of the current working directory. > > > > in my example: > > > > --------------------- > > ' Gambas module file > > 'char *get_current_dir_name(void); > > Extern get_current_dir_name() As Pointer In "libc:6" > > > > Public Sub Main() > > > > Dim pFunc As Pointer > > Dim sWorkingDirectory As String > > > > 'get_current_dir_name > > pFunc = Alloc(4096) > > > > pFunc = get_current_dir_name() > > > > sWorkingDirectory = Str@(pFunc) > > ' Free(pFunc) > > Print sWorkingDirectory > > > > > > End > > --------------------- > > > > if i use > > Free(pFunc) > > > > i get signal #11 > > > > gambas3-svn3418, ubuntu 10.04 > > > > > > On Sun, 2011-01-09 at 21:37 +0100, Benoît Minisini wrote: > > > > so what can i do for > > > > > > > > char *getwd(char *buf); > > > > > > > > ? > > > > > > > > > > You must know C programming first, and understand how getwd works. By > > > typing > > > 'man getwd', you will learn that you must not use that function, it is > > > dangerous and so deprecated. > > > > > > Then you will read that buf must be a pointer to a memory allocation of > > > PATH_MAX bytes. You must find the value of this constant inside the > > > standard C > > > header files. > > > > > > SizeOf(gb.String) is 4 (on 32 bits system). It is the number of bytes > > > used by > > > Gambas to store a pointer to a Gambas string. This is the reason why you > > > get a > > > crash. > > > > > > Regards, > > > > > > -- Regards, Demosthenes
Pointers.tar.bz2
Description: application/bzip-compressed-tar
------------------------------------------------------------------------------ Gaining the trust of online customers is vital for the success of any company that requires sensitive data to be transmitted over the Web. Learn how to best implement a security strategy that keeps consumers' information secure and instills the confidence they need to proceed with transactions. http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________ Gambas-user mailing list Gambas-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/gambas-user
