Solved

Variable Overflow in UnixWare

Posted on 2000-03-18
1
349 Views
Last Modified: 2013-12-05
I have been facing a very typical problem in SCO's Unixware. the following is a small example

memset(ovtm_row.offline_flg,'\0',2);
ovtm_row.offline_flg[0] ='N';
memset(ovtm_row.officer_id,'\0',3);
/**memset(ovtm_row.remarks,'\0',80);**/
 /*** Prev Line commented and Next line added to avoid INDEX Corruption in table odtr -Engineer Mon Dec 20 6:56:43 SST 1999 ***/
 memset(ovtm_row.remarks,'\0',30);
 memset(ovtm_row.auth_flg,'\0',2);
 if(sff != 1)
 ovtm_row.auth_flg[0] = 'Y';
 else
 ovtm_row.auth_flg[0] = 'N';
 }

In the above piece of code, there is a variable ovtm_row.remarks. This was initally declared as char(30). and at the time of initalisation it was filled with 80 chars. Here ideally, we were expecting a error, or atleast the program should have generated a core dump, segmentation fault. But instead, the program gets executed without any errors and is affecting the database table index, which is no where linked in the function.

My question is, Should the OS allow such overflowed variables to corrupt the database, and is it really the problem with the OS, or something else.
B'coz, after adding a single line where we are initalising the variable with 30 chars, the problem has been cleared.
0
Comment
Question by:vpotnis
1 Comment
 
LVL 40

Accepted Solution

by:
jlevie earned 200 total points
ID: 2631637
It's a problem with the code, not with the OS. In the general case the OS can't tell if a buffer is being over-run as the area is likely to just be somewhere within the region that the progamn does have write access to. The only times you'll get a core dump or memory protection violation are when the buffer over-run winds up writing over executable code and causes an invalid instruction trap, if it writes over a region that contains pointers, or if the write would extend beyond the address space of the program. Over writing pointers will cause all manner of grief, and depending on what pointers are over-written and when they are used the problem may not become apparent until much later in the execution of the program. Over-writing some other type of data region may just result in improper results.

There are tools to look for these sorts of problems at run time on a lot of operating systems (Rational's Purify for Sun, HP, & SGI; ParaSoft's Insure for Linux; ElectricFence on RedHat (at least); etc.) I don't know what's available for Unixware, you'd have to look.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you do backups in the Solaris Operating System, the file system must be inactive. Otherwise, the output may be inconsistent. A file system is inactive when it's unmounted or it's write-locked by the operating system. Although the fssnap utility…
Java performance on Solaris - Managing CPUs There are various resource controls in operating system which directly/indirectly influence the performance of application. one of the most important resource controls is "CPU".   In a multithreaded…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now