• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 361
  • Last Modified:

Variable Overflow in UnixWare

I have been facing a very typical problem in SCO's Unixware. the following is a small example

memset(ovtm_row.offline_flg,'\0',2);
ovtm_row.offline_flg[0] ='N';
memset(ovtm_row.officer_id,'\0',3);
/**memset(ovtm_row.remarks,'\0',80);**/
 /*** Prev Line commented and Next line added to avoid INDEX Corruption in table odtr -Engineer Mon Dec 20 6:56:43 SST 1999 ***/
 memset(ovtm_row.remarks,'\0',30);
 memset(ovtm_row.auth_flg,'\0',2);
 if(sff != 1)
 ovtm_row.auth_flg[0] = 'Y';
 else
 ovtm_row.auth_flg[0] = 'N';
 }

In the above piece of code, there is a variable ovtm_row.remarks. This was initally declared as char(30). and at the time of initalisation it was filled with 80 chars. Here ideally, we were expecting a error, or atleast the program should have generated a core dump, segmentation fault. But instead, the program gets executed without any errors and is affecting the database table index, which is no where linked in the function.

My question is, Should the OS allow such overflowed variables to corrupt the database, and is it really the problem with the OS, or something else.
B'coz, after adding a single line where we are initalising the variable with 30 chars, the problem has been cleared.
0
vpotnis
Asked:
vpotnis
1 Solution
 
jlevieCommented:
It's a problem with the code, not with the OS. In the general case the OS can't tell if a buffer is being over-run as the area is likely to just be somewhere within the region that the progamn does have write access to. The only times you'll get a core dump or memory protection violation are when the buffer over-run winds up writing over executable code and causes an invalid instruction trap, if it writes over a region that contains pointers, or if the write would extend beyond the address space of the program. Over writing pointers will cause all manner of grief, and depending on what pointers are over-written and when they are used the problem may not become apparent until much later in the execution of the program. Over-writing some other type of data region may just result in improper results.

There are tools to look for these sorts of problems at run time on a lot of operating systems (Rational's Purify for Sun, HP, & SGI; ParaSoft's Insure for Linux; ElectricFence on RedHat (at least); etc.) I don't know what's available for Unixware, you'd have to look.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now