Date: Mon, 10 Aug 1998 13:45:15 -0400 (EDT)
Message-Id: <199808101745.NAA16276@delorie.com>
From: DJ Delorie <dj AT delorie DOT com>
To: djgpp-workers AT delorie DOT com
Subject: [grbhat AT unigoa DOT ernet DOT in: Problem with process_coff()]
Precedence: bulk


------- Start of forwarded message -------
Date: Mon, 10 Aug 1998 03:01:40 +0000 (   )
From: "Gurunandan R. Bhat" <grbhat AT unigoa DOT ernet DOT in>
To: dj AT delorie DOT com
Subject: Problem with process_coff() 
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII

Greetings,

	I had a problem with running fsdb on a simple "Hello World!" 
program and have traced the problem to a loop in process_coff(...) 
(src/debug/common/syms.c). The relevant lines (290:300) are:

        if (l_pending)
        {
          int lbase = f_aux[i+1].x_sym.x_misc.x_lnsz.x_lnno - 1;
          int i2;
          l->l_lnno = lbase;
          l++;
          for (i2=0; l[i2].l_lnno; i2++)
            l[i2].l_lnno += lbase;
          l_pending = 0;
        }

I think the problem here is that "l" (set in an earlier pass of the outer 
loop) should not be incremented when it points to the last entry in line 
number info table for the section. If this is done, the limit of the loop 
becomes bad and the loop overwrites malloc's internal tables causing a 
crash after the next malloc. 

I would be extremely grateful for your comments and help.

With thanks and warmest regards
Gurunandan
------- End of forwarded message -------