#3564: Inconsistent results from qsort callback in g.mkfontcap
 Reporter:  yugr     |      Owner:  grass-dev@…
     Type:  defect   |     Status:  new
 Priority:  normal   |  Milestone:
Component:  Default  |    Version:  7.4.0
 Keywords:           |        CPU:  All
 Platform:  All      |

 qsort callback compare_fonts in g.mkfontcap may return invalid result when
 arguments are swapped. Such bugs may causes inconsistent order or even
 crashes in some qsort implementations

 The issue has been detected when running standard testsuite under
 SortChecker? (​https://github.com/yugr/sortcheck):

   g.mkfontcap[15109]: qsort: comparison function is not symmetric
 (comparison function 0x4023c0 (/build/grass-7.0.3/dist.x86_64-pc-linux-
 gnu/bin/g.mkfontcap+0x4023c0), called from 0x4017a8
 cmdline is "/build/grass-7.0.3/dist.x86_64-pc-linux-gnu/bin/g.mkfontcap

 Problem is in lines
     if (aa->type != bb->type)
         return (aa->type > bb->type);
 which should be replaced with something like
     if (aa->type != bb->type)
         return (aa->type > bb->type) ? 1 : -1;

 As a side note, many qsort callbacks in Grass are vulnerable to integer
 overflows e.g. cmp_edge in ./lib/vector/neta/spanningtree.c:

     return ((edge_cost_pair *) pa)->cost - ((edge_cost_pair *) pb)->cost;

 or longcmp in ./raster/r.kappa/prt_mat.c:

     return (*a - *b);

 and many many others.

Ticket URL: <https://trac.osgeo.org/grass/ticket/3564>
GRASS GIS <https://grass.osgeo.org>

grass-dev mailing list

Reply via email to