sms@wlv.imsd.contel.com (Steven M. Schultz) (07/25/90)
Subject: qsort(3) mishandles large arrays (+FIX) Index: lib/libc/gen/qsort.c 2.10BSD Description: In the qst function the variables `lo' and `hi' are declared as `int'. They should be `unsigned' or else qsort can bomb. Repeat-By: This bug crept up in a modified version of nm(1) being used to read the symbol table of /unix. /unix has ~3570 symbols. After multiplying that by the size of a symbol structure, the array which qsort(3) was asked to sort was over 32767, at which point qsort(3) malfunctioned. Fix: Apply the following patch, then reinstall qsort into libc.a and libc_p.a *** qsort.c.old Sun Mar 9 19:53:17 1986 --- qsort.c Tue Jul 24 18:04:46 1990 *************** *** 114,120 **** register char c, *i, *j, *jj; register int ii; char *mid, *tmp; ! int lo, hi; /* * At the top here, lo is the number of characters of elements in the --- 114,120 ---- register char c, *i, *j, *jj; register int ii; char *mid, *tmp; ! unsigned int lo, hi; /* * At the top here, lo is the number of characters of elements in the