iraf-v216
iraf.net Issue #129
noao.digiphot.photcal parser buggy on 64 bit
closed olebole opened this issue on 2018-01-31
olebole commented on 2018-01-31
The code in noao$digiphot/photcal/prcode.x and noao$digiphot/photcal/preval.gx intermixes access to the Memi and Memr fields with the same pointers. For example the following lines in prcode.x:
    Memi[code + cp - 1] = PEV_NUMBER
    cp = cp + 1
    Memr[code + cp - 1] = value
or in preval.gx:
    case PEV_NUMBER:
        ip = ip + 1
        sp = sp + 1
        stack[sp] = Memr[code + ip]
        if (IS_INDEFR (stack[sp]))
            break
    case PEV_CATVAR:
        ip = ip + 1
        sp = sp + 1
        stack[sp] = vdata[Memi[code + ip]]
        if (IS_INDEFR (stack[sp]))
            break
This works on 32 bit, when the length of real and int are equal (4 bytes). On 64 bit (ILP64), however, real is still 4 bytes, while int has 8 bytes, and so one cannot use Memr and Memi access from the same pointer: Memr[ptr] will get the value from a different place in memory than Memi[ptr]. Depending on how the pointer was created, either the first or the second will cause an illegal memory access.
On 64 bit, this could be avoided by accessing Memd instead of Memr, since double also has a length of 8 bytes. This, however, does not solve #128; therefore it is an independent bug.
Fixed in #130
Last updated on 2018-02-01
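
The index arithmetic behind the report above, as an added example that is not part of the issue or of the IRAF sources. It assumes a simplified model in which Memi, Memr and Memd are 1-indexed views of one memory pool that differ only in element size; the function names, the allocation of 16 ints at index 101 and the slot number are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed model (not IRAF code): Memi, Memr and Memd are treated as
 * 1-indexed views of one memory pool, differing only in element size. */

/* Byte offset in the pool of element `index` for a view of `elem_size` bytes. */
size_t elem_offset(size_t index, size_t elem_size)
{
    return (index - 1) * elem_size;
}

/* 1 if that element lies wholly inside the allocation [base, base + len). */
int in_alloc(size_t index, size_t elem_size, size_t base, size_t len)
{
    size_t off = elem_offset(index, elem_size);
    return off >= base && off + elem_size <= base + len;
}

/* Replays the prcode.x store pattern on a buffer allocated as `n` ints at
 * int-index `code`: the opcode goes through the int view at slot cp, the
 * operand through a view of `operand_size` bytes at slot cp + 1.
 * Returns 1 only if both stores stay inside the allocation. */
int mixed_store_ok(size_t int_size, size_t operand_size,
                   size_t code, size_t n, size_t cp)
{
    size_t base = elem_offset(code, int_size);
    size_t len = n * int_size;
    int opcode_ok = in_alloc(code + cp - 1, int_size, base, len);
    int operand_ok = in_alloc(code + cp, operand_size, base, len);
    return opcode_ok && operand_ok;
}

int main(void)
{
    /* Hypothetical allocation: 16 ints at int-index 101, first slot cp = 1. */
    printf("32 bit, int=4 real=4:   %d\n", mixed_store_ok(4, 4, 101, 16, 1));
    printf("64 bit, int=8 real=4:   %d\n", mixed_store_ok(8, 4, 101, 16, 1));
    printf("64 bit, int=8 double=8: %d\n", mixed_store_ok(8, 8, 101, 16, 1));
    printf("Memi[102] at byte %zu, Memr[102] at byte %zu\n",
           elem_offset(102, 8), elem_offset(102, 4));
    return 0;
}
```

In this model the operand store through the 4-byte view lands at byte 404, well before the allocation that starts at byte 800, while the 8-byte view stays inside it.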