dir@obo586.UUCP (Dan Rosenblatt) (03/19/85)
I've run into 2 bugs w.r.t. running 'B 2.10.1' usenet software
on a small system - max 64K text, 64K data using split I&D. Both
bugs are in header.c.
The first is that when reading control header info, lines that don't
fit into any category are put into OTHER. The space is malloc'd for
pointing to by hp->unrec[n]. Nowhere is it ever free'd - hp->unrec[n]
is just cleared and the space is lost forever. Systems with seemingly
unlimited resources are probably unaffected. The result for me was
the heap and the stack colliding resulting in 'garbled news' messages
and eventually a core dump.
The second is also when reading control header info. The function
'getfield' does no checking against overrunning the buffer its given
for where to store the control data. The result was 'garbled news'
messages because fields further on in the header structure got blasted.
All this was because I had to use the smaller buffer size (BUFLEN 128)
in defs.h due to my limited resources - max 64K data.
I realize that trying to run on such a limited machine (Altos 586 with
an 8086 running XENIX 2.5 [V7 lookalike]) makes me prone to such problems,
but they are bugs nonetheless. Send me a mail request if you wish to
see the patches I applied - note that they are not ideal.
Dan Rosenblatt
obo Systems, Inc.
...{ihnp4!denelcor,nbires!gangue}!obo586!dir