Mail Archives: djgpp/1995/01/20/05:36:58

Date: Fri, 20 Jan 1995 18:46:00 +0900
From: =?ISO-2022-JP?B?GyRCRTdLfiEhP3I8IxsoQg==?=
<KHB03047 AT niftyserve DOT or DOT jp>
Subject: GO32 1.12m2 potential problem
To: djgpp AT sun DOT soe DOT clarkson DOT edu

Hi everybody, 

I'm new here, but would like to report a problem that I found while I was 
porting go32 1.12maint2 to Microsoft C (MS-C) version 7.00.

With go32 compiled with MS-C, the system hangs if a string longer than 11 
bytes is specified as the filename part of argv[1], like this:

    go32 test-distrib foo
          or
    go32 c:/emacs-19.27/lib-src/test-distrib foo

where strlen("test-distrib") == 12. 

This problem does not occur if strlen(the filename part of argv[1]) < 12 
(e.g., "go32 c:/emacs-19.27/lib-src/test-dis foo").

I investigated the source code and found the following declaration of a 
char array in glob.c!__glob_env():

    char base[12];

into which the filename part of argv[1], enclosed in a pair of square brackets 
(in the above cases, "[test-distrib]" or "[test-dis]"), is stored. 
strlen("[test-distrib]") apparently exceeds sizeof(base); consequently, 
corruption of the stack frame occurs.

This problem doesn't become manifest with Turbo-C, probably because the 
corrupted region and/or auto variables are (fortunately :-) not utilized 
by go32 compiled with Turbo-C, but it does with MS-C.  I wish DJ could fix 
this potential problem in a later release, even though it's not actualized
with Turbo-C, since it might cause unexpected troubles.
The easiest solution is enlarging the size of the array, but there must be
smarter ways.

Thanks,

Takaharu Tenma   KHB03047 AT niftyserve DOT or DOT jp

p.s. With coff2exe, the above problem doesn't occur simply because DOS 
truncates argv[0] to at most 8 bytes.
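The report above boils down to an unbounded write of "[basename]" into a fixed `char base[12]`. The following C program is an added example, not go32's own code, showing the bounded replacement a maintainer would want: a helper that computes how many bytes the bracketed name needs and a writer that refuses (returning -1) instead of overrunning the buffer when the name does not fit. The basename rule (everything after the last `/`, `\` or `:`) is my assumption about DOS-style paths; the two sample paths are the ones from the message.

```c
#include <stdio.h>
#include <string.h>

/* Filename part of a DOS-style path: everything after the last '/', '\\'
 * or ':' (drive separator). Assumed helper, not the go32 implementation. */
static const char *dos_basename(const char *path)
{
    const char *base = path;
    const char *p;
    for (p = path; *p; p++) {
        if (*p == '/' || *p == '\\' || *p == ':')
            base = p + 1;
    }
    return base;
}

/* Bytes needed to hold "[basename]" plus the terminating NUL:
 * '[' + name + ']' + '\0'. */
size_t bracketed_size(const char *path)
{
    return strlen(dos_basename(path)) + 3;
}

/* Write "[basename]" into out, which has room for outsz bytes.
 * Returns 0 on success, or -1 (leaving out as an empty string) when the
 * result would not fit. This is the checked counterpart of an unchecked
 * sprintf/strcpy into a fixed char base[12]. */
int bracket_basename(const char *path, char *out, size_t outsz)
{
    const char *name = dos_basename(path);
    size_t need = strlen(name) + 3;
    if (outsz == 0)
        return -1;
    if (need > outsz) {
        out[0] = '\0';
        return -1;
    }
    out[0] = '[';
    memcpy(out + 1, name, need - 3);   /* the bare name */
    out[need - 2] = ']';
    out[need - 1] = '\0';
    return 0;
}

int main(void)
{
    char base[12];  /* same size as the array named in the report */
    const char *paths[] = {
        "c:/emacs-19.27/lib-src/test-dis",      /* 8-char name: fits     */
        "c:/emacs-19.27/lib-src/test-distrib"   /* 12-char name: too big */
    };
    size_t i;
    for (i = 0; i < sizeof paths / sizeof paths[0]; i++) {
        if (bracket_basename(paths[i], base, sizeof base) == 0)
            printf("%-40s -> %s\n", paths[i], base);
        else
            printf("%-40s -> needs %lu bytes, base[] has %lu\n", paths[i],
                   (unsigned long)bracketed_size(paths[i]),
                   (unsigned long)sizeof base);
    }
    return 0;
}
```

With `base[12]`, "test-dis" needs 11 bytes and is accepted, while "test-distrib" needs 15 and is rejected rather than spilling three bytes past the array and into the saved frame, which is exactly the corruption the MS-C build exposed.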
