brw@jim.odr.oz (Brian Wallis) (03/16/88)
I just came across a small bug in vnews that caused it to core dump with a bus error (on Ultrix 2.0). This came about while evaluating a new terminal that emulates a vt100 of which we have none at the moment. The problem is caused by the termcap entry vor the vt100 which has padding of 10 for :cm. The relevant code is > plodstr = direct; > tputs(tgoto(CM, col, row), 0, plodput); Where plodput just stores the chars in *plodstr++. Unfortunatly the array 'direct' is only 20 chars and on the stack and tputs will appropriately pad the string, somewhat greater than 20 chars for ':cm=10\E[%i%d;%dH:' at 19200 baud. This will work fine at 9600 baud, since the string will be 18 chars (1 pad char per millisecond) but at 19200 you get 2 chars per millisecond giving (I think) 28 chars, quite enough to overwrite linkage on the stack (yes, the array is first in the local vars). FIX: make the array 'direct' in _amove() at line 584 in virtterm.c larger, how much larger? well thats the $64000 question in C isn't it! 120 chars seemed OK to me. At least I'll know where to look first next time. -- Brian Wallis (brw@jim.odr.oz) (03) 562-0100 Fax: (03) 562-0616, Telex: Jacobs Radio (Bayswater) 152093 ^ What What What What What! Only 5 whats, that's not very bright!