phil@Rice.edu (William LeFebvre) (03/15/89)
Sorry for giving this such a wide audience, but I didn't know how else to reach all the people who recently received a list of bug fixes for the Imagen host software.

I found one more infinite loop bug, also associated with the tcp communications software. I have the feeling that this is the problem I've been having all along. There are really two unrelated bugs: one that causes a bus error, and a bug in the signal recovery code. We are running release 2.3, dated July 1986, so these may have been fixed since then.

The function "udpstatus" returns a pointer to a string that contains the status line returned by the printer. The function "updatestatus" in icomm_tcp.c uses this value as an argument to "sprintf(&note_buf[0],...". udpstatus reads up to 256 characters from the net, but note_buf is only 128. Overflowing this buffer would overwrite some critical pointers. ies would eventually get a bus error, which would be caught. Unfortunately, the signal recovery code ("PHadie" and "PHdie") would somehow get stuck in an infinite loop.

The following two fixes should cure both aspects of this particular problem:

File "icomm.h", line 135 reads:

    EXTRN char note_buf[128];

and should be

    EXTRN char note_buf[512];

(just to be safe---memory is cheap).

File "icomm.c", function "PHdie", line 417 reads:

    exit(rc);

and should read

    _exit(rc);

since "exit" tries to close all open streams (some of which may be trashed).

William LeFebvre
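
The following is an added example, not part of the original post and not Imagen code: it bounds the write into the status buffer instead of enlarging it, and pairs that with a fatal-signal handler that leaves through _exit. The names format_note, struct state, overlong_status_is_contained and install_fatal_handlers, the "%s" format and the guard word are assumptions made for illustration.

```c
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define NOTE_BUF_SIZE 128  /* note_buf size before the fix, from the post */
#define STATUS_MAX    256  /* udpstatus reads up to 256 characters */

/* Constructed layout: a guard word directly after the buffer stands in
 * for the "critical pointers" the post says were overwritten. */
struct state { char note_buf[NOTE_BUF_SIZE]; unsigned long guard; };

/* Bounded replacement for sprintf(&note_buf[0], ...). The "%s" format is an
 * assumption; the post elides the real one. Returns 0 if the status fit,
 * 1 if truncated, -1 on bad arguments or an encoding error. */
int format_note(char *dst, size_t dstlen, const char *status)
{
    int n;
    if (dst == NULL || dstlen == 0 || status == NULL)
        return -1;
    n = snprintf(dst, dstlen, "%s", status);
    if (n < 0) { dst[0] = '\0'; return -1; }
    return ((size_t)n >= dstlen) ? 1 : 0;
}

/* Feed a worst-case status line; return 1 only if the write was truncated,
 * NUL-terminated inside the buffer, and the guard word is untouched. */
int overlong_status_is_contained(void)
{
    struct state s;
    char status[STATUS_MAX];
    memset(status, 'A', sizeof status - 1);   /* constructed 255-byte line */
    status[sizeof status - 1] = '\0';
    s.guard = 0xC0FFEEUL;
    return format_note(s.note_buf, sizeof s.note_buf, status) == 1
        && strlen(s.note_buf) == NOTE_BUF_SIZE - 1
        && s.guard == 0xC0FFEEUL;
}

/* After memory corruption, leave without flushing stdio: _exit() is
 * async-signal-safe, exit() walks stream state that may be trashed. */
static void on_fatal(int sig) { (void)sig; _exit(1); }

int install_fatal_handlers(void)
{
    if (signal(SIGSEGV, on_fatal) == SIG_ERR) return -1;
#ifdef SIGBUS
    if (signal(SIGBUS, on_fatal) == SIG_ERR) return -1;
#endif
    return 0;
}
```

A return value of 1 from format_note is the case to log: it means the printer sent a status line longer than the buffer.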