Solved

Variable Overflow in UnixWare

Posted on 2000-03-18
1
348 Views
Last Modified: 2013-12-05
I have been facing a very typical problem in SCO's Unixware. the following is a small example

memset(ovtm_row.offline_flg,'\0',2);
ovtm_row.offline_flg[0] ='N';
memset(ovtm_row.officer_id,'\0',3);
/**memset(ovtm_row.remarks,'\0',80);**/
 /*** Prev Line commented and Next line added to avoid INDEX Corruption in table odtr -Engineer Mon Dec 20 6:56:43 SST 1999 ***/
 memset(ovtm_row.remarks,'\0',30);
 memset(ovtm_row.auth_flg,'\0',2);
 if(sff != 1)
 ovtm_row.auth_flg[0] = 'Y';
 else
 ovtm_row.auth_flg[0] = 'N';
 }

In the above piece of code, there is a variable ovtm_row.remarks. This was initally declared as char(30). and at the time of initalisation it was filled with 80 chars. Here ideally, we were expecting a error, or atleast the program should have generated a core dump, segmentation fault. But instead, the program gets executed without any errors and is affecting the database table index, which is no where linked in the function.

My question is, Should the OS allow such overflowed variables to corrupt the database, and is it really the problem with the OS, or something else.
B'coz, after adding a single line where we are initalising the variable with 30 chars, the problem has been cleared.
0
Comment
Question by:vpotnis
1 Comment
 
LVL 40

Accepted Solution

by:
jlevie earned 200 total points
ID: 2631637
It's a problem with the code, not with the OS. In the general case the OS can't tell if a buffer is being over-run as the area is likely to just be somewhere within the region that the progamn does have write access to. The only times you'll get a core dump or memory protection violation are when the buffer over-run winds up writing over executable code and causes an invalid instruction trap, if it writes over a region that contains pointers, or if the write would extend beyond the address space of the program. Over writing pointers will cause all manner of grief, and depending on what pointers are over-written and when they are used the problem may not become apparent until much later in the execution of the program. Over-writing some other type of data region may just result in improper results.

There are tools to look for these sorts of problems at run time on a lot of operating systems (Rational's Purify for Sun, HP, & SGI; ParaSoft's Insure for Linux; ElectricFence on RedHat (at least); etc.) I don't know what's available for Unixware, you'd have to look.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

This tech tip describes how to install the Solaris Operating System from a tape backup that was created using the Solaris flash archive utility. I have used this procedure on the Solaris 8 and 9 OS, and it shoudl also work well on the Solaris 10 rel…
I promised to write further about my project, and here I am.  First, I needed to setup the Primary Server.  You can read how in this article: Setup FreeBSD Server with full HDD encryption (http://www.experts-exchange.com/OS/Unix/BSD/FreeBSD/A_3660-S…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now