Subject: |
caput off-by-one bug for string as array of chars |
From: |
"J. Lewis Muir" <[email protected]> |
To: |
EPICS Tech Talk <[email protected]> |
Date: |
Thu, 16 Aug 2012 18:12:35 -0500 |
I believe there is an off-by-one bug in caput for the case of
writing a string as an array of chars (i.e. the '-S' option) in
EPICS Base 3.14.12.2. (Looking at the 3.15 source code, the bug
is probably there as well, but I haven't tested it.)
The caput program will sometimes write an incorrect value--a
value different from the value passed as an argument. I believe
this is because caput does not allocate enough memory to hold
the string value *plus* the terminating null character.
Attached is caput-string-off-by-one-fix.diff, a patch against
EPICS Base 3.14.12.2 plus Known Problems patches, to fix the
problem.
Attached is image-file-path.db and reproduce-bug.sh which can be
used to reproduce the problem.
Load image-file-path.db into a soft IOC like this:
dbLoadRecords("image-file-path.db","P=ioc23:")
Run the reproduce-bug.sh program like this:
$ sh reproduce-bug.sh
On my system, it usually fails within 20 iterations. For example:
$ sh reproduce-bug.sh
[3] "/tmp/lys_001.img/" != "/tmp/lys_001.img"
What I don't understand, though, is that if I add the '-t'
option to the caput command in reproduce-bug.sh, the problem
does not occur. I'd be interested to hear an explanation of why
that is.
Thanks,
Lewis
--- src/catools/caput.c.orig 2011-12-12 14:14:45.000000000 -0600
+++ src/catools/caput.c 2012-08-16 17:35:11.000000000 -0500
@@ -492,12 +492,12 @@
if (charArrAsStr) {
count = len;
dbrType = DBR_CHAR;
- ebuf = calloc(strlen(cbuf), sizeof(char));
+ ebuf = calloc(strlen(cbuf) + 1, sizeof(char));
if(!ebuf) {
fprintf(stderr, "Memory allocation failed\n");
return 1;
}
- epicsStrnRawFromEscaped(ebuf, strlen(cbuf), cbuf, strlen(cbuf));
+ epicsStrnRawFromEscaped(ebuf, strlen(cbuf) + 1, cbuf, strlen(cbuf));
} else {
for (i = 0; i < count; ++i) {
epicsStrnRawFromEscaped(sbuf[i], sizeof(EpicsStr), *(argv+optind+i), sizeof(EpicsStr));
#
# Provides image file path PV.
#
# Parameters:
# P PV name prefix (e.g. "ioc23:")
#
record(waveform, "$(P)ImageFilePath") {
field(DESC, "Latest image path")
field(FTVL, "UCHAR")
field(NELM, "256")
field(PINI, "YES")
}
Attachment:
reproduce-bug.sh
Description: Bourne shell script
- Replies:
- Re: caput off-by-one bug for string as array of chars Ralph Lange
- Navigate by Date:
- Prev:
RE: JCas Carcassi, Gabriele
- Next:
EDM widget PV name copy on OS X Eric Norum
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
<2012>
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
- Navigate by Thread:
- Prev:
RE: JCas Carcassi, Gabriele
- Next:
Re: caput off-by-one bug for string as array of chars Ralph Lange
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
<2012>
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
|