From: Ian D Romanick <idr AT cs DOT pdx DOT edu>
Message-Id: <199802171519.HAA06898@sirius.cs.pdx.edu>
Subject: Re: gdb crashing: found a bug in dbgcom.c
To: djgpp AT delorie DOT com
Date: Tue, 17 Feb 1998 07:19:07 -0800 (PST)
In-Reply-To: <6cbagu$3kd$1@antares.lu.erisoft.se> from "Martin Stromberg" at Feb 17, 98 06:25:34 am
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Precedence: bulk

> --- dbgcom.c	Tue Aug 13 00:08:04 1996
> +++ /tmp/djlib.new/dbgcom.c	Tue Feb 17 02:40:12 1998
> @@ -553,7 +553,7 @@
>  
>    unsigned limit;
>    limit = __dpmi_get_segment_limit(__djgpp_app_DS);
> -  if(a >= 4096 && (a+len-1) <= limit)
> +  if(a >= 4096 && a <= limit && (a+len-1) <= limit)
>      return 0;
>  /*  printf("Invalid access to child, address %#x length %#x  limit: %#x\n", a, len, limit);
>    if (can_longjmp)

I think that this patch is not quite right.  What if 'a' is 'limit-2' and
'len' is 4?  You will have the same problem.  I think that changing the
expression to the following would be better.

    if ( (a >= 4096) && (a < (limit - len)) )

-- 
"Don't waste our bandwidth with cliched catch phrases that were moldy
years ago. Be creative- surely with the plethora of bodily fluids, and
other excereta to draw upon you can come up with something a little more
original" -- Rhias K. Hall (badger AT wizards DOT com)