douglis@ginger.Berkeley.EDU (Fred Douglis) (01/29/88)
I'm having trouble with MH 6.5 running with MHE on sun 3.2. It seems that
"repl -build", which leaves a draft in <mhdir>/reply and exits, is
adding in a couple of extra characters, for example:
To: ...
Subject: ....
In-Reply-To: ...
------
es
That "es" is what kills me. The problem doesn't happen on our vax 4.3
system from which the sources were copied.
Please reply to me, not the net. Thanks,
============ =========================== ==============
Fred Douglis douglis@ginger.Berkeley.EDU ucbvax!douglis
============ =========================== ==============
douglis@GINGER.BERKELEY.EDU (Fred Douglis) (02/02/88)
Enough people have asked about this that I might as well post this to
the newsgroup. (I had hoped that mail to bug-mh would automatically
get posted, but apparently not.)
------- Forwarded Message
Date: Fri, 29 Jan 88 10:43:36 -0800
From: Fred Douglis <douglis@ginger.Berkeley.EDU>
To: lemke@sun.com
cc: weissman@decwrl.dec.com, bug-mh@uci.edu, larus@ginger.Berkeley.EDU
Subject: Bug in formatsbr
Terry Weissman responded to my note on comp.mail.mh as follows:
Whenever mh needs an mh-format string (for example, to specify the
layout of fields in a "scan" or "inc"), it calls the routine new_fs(),
which appears in sbr/formatsbr.c. If the format string is stored in a
file, this routine mallocs a string exactly the length of the file,
and copies the file into that string. There is absolutely nothing
done to ensure that the string is null-terminated. new_fs() should
malloc a string which is one character longer than the length of the
file, and put a null in that last character.
The following patch seems to have done the trick. If it's appropriate
to post this on the net, and mail to bug-mh isn't already gatewayed,
please feel free to repost this.
*** /tmp/,RCSt1a11609 Fri Jan 29 10:41:51 1988
- --- formatsbr.c Fri Jan 29 10:27:06 1988
***************
*** 44,50
if (fstat (fileno (fp), &st) == NOTOK)
adios (form, "unable to stat format file");
! if ((formats = malloc ((unsigned) st.st_size)) == NULLCP)
adios (form, "unable to allocate space for format");
if (read (fileno(fp), formats, st.st_size) != st.st_size)
- --- 44,50 -----
if (fstat (fileno (fp), &st) == NOTOK)
adios (form, "unable to stat format file");
! if ((formats = malloc ((unsigned) st.st_size + 1)) == NULLCP)
adios (form, "unable to allocate space for format");
if (read (fileno(fp), formats, st.st_size) != st.st_size)
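Review bot: In the changed malloc line the cast applies to st.st_size before the + 1, so the sum is computed in unsigned: a size that does not fit in unsigned is narrowed, and the largest unsigned value wraps to 0, while the read on the last line of the hunk still asks for the full st.st_size bytes. Consider rejecting a negative or oversized st.st_size before allocating, so the allocation size and the read count come from the same checked value.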
***************
*** 49,54
if (read (fileno(fp), formats, st.st_size) != st.st_size)
adios (form, "error reading format file");
(void) fclose (fp);
}
- --- 49,56 -----
if (read (fileno(fp), formats, st.st_size) != st.st_size)
adios (form, "error reading format file");
+
+ formats[st.st_size] = '\0';
(void) fclose (fp);
}
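Review bot: The added formats[st.st_size] = '\0'; indexes by the fstat size rather than by the count read returned, so it is only correct while the != st.st_size comparison just above it stays in place and a short read is treated as fatal. Keeping the return value of read in a variable and terminating at that index would make the store correct on its own.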
------- End of Forwarded Message
shore@duplex (Andrew Shore) (02/02/88)
In <22778@ucbvax.BERKELEY.EDU>, doublis@ginger.Berkeley.EDU writes:
>I'm having trouble with MH 6.5 running with MHE on sun 3.2. It seems that
>"repl -build", which leaves a draft in <mhdir>/reply and exits, is
>adding in a couple of extra characters, for example:
> To: ...
> Subject: ....
> In-Reply-To: ...
> ------
> es
This was happening to us too. I figured it out and sent in a message
to bug-mh but never got a reply. I wouldn't be surprised if "es\n"
were the last bytes in your .mh_profile.
--Andy Shore
Adobe Systems Incorporated
Index: sbr/formatsbr.c
Description:
new_fs can create bogus format strings. It reads the "form" file
into an area that is malloc'd to have just the right size, but
neglects to add a null terminating byte. normalize (and other
functions) can go beyond the end of the read in data, formatting
things incorrectly.
Repeat-By:
Happens to me all the time with repl giving me garbage bytes in the
prototype repl buffer. Arrange to malloc storage that is non-null in
new_fs (seems to happen with a large .mh_profile).
Fix:
malloc one more byte than the size of the file, and fill it with 0.
*** /tmp/,RCSt1a06918 Fri Oct 16 16:07:24 1987 --- formatsbr.c Fri Oct 16 14:04:44 1987 *************** *** 47,53 **** if (fstat (fileno (fp), &st) == NOTOK) adios (form, "unable to stat format file"); ! if ((formats = malloc ((unsigned) st.st_size)) == NULLCP) adios (form, "unable to allocate space for format"); if (read (fileno(fp), formats, st.st_size) != st.st_size) --- 47,53 ---- if (fstat (fileno (fp), &st) == NOTOK) adios (form, "unable to stat format file"); ! if ((formats = malloc ((unsigned) st.st_size + 1)) == NULLCP) adios (form, "unable to allocate space for format"); if (read (fileno(fp), formats, st.st_size) != st.st_size) *************** *** 54,59 **** --- 54,60 ---- adios (form, "error reading format file"); (void) fclose (fp); + formats[st.st_size] = '\0'; } else { formats = getcpy (format ? format : def);
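Review bot: Neither the + 1 in the malloc line of the 47,53 hunk nor the formats[st.st_size] = '\0'; store in the 54,60 hunk carries a comment, and the two lines that depend on each other sit several lines apart. A short comment on the malloc line, such as /* + 1 for the terminating NUL */, would keep a later edit from removing one without the other.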
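The failure described in both posts above (a file read into a buffer of exactly the file's size, then used as a C string) is shown here as an added example. It is not MH source or either poster's code: `load_format`, `demo_load` and `MAX_FORMAT` are hypothetical names. It goes one step beyond the posted fix by terminating at the number of bytes actually read and by refusing non-regular or oversized files.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>
#define MAX_FORMAT (1L << 20)  /* assumed size limit for a format file */

/* Hypothetical stand-in for the file branch of new_fs(): returns a
 * malloc'd, NUL-terminated copy of the file, or NULL on any error. */
char *load_format(const char *path)
{
    struct stat st;
    char *buf = NULL;
    size_t want, got = 0;
    ssize_t n = 0;
    int fd = open(path, O_RDONLY);

    if (fd < 0)
        return NULL;
    if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode) ||
        st.st_size < 0 || st.st_size > MAX_FORMAT)
        goto out;
    want = (size_t) st.st_size;
    if ((buf = malloc(want + 1)) == NULL)      /* + 1: room for the NUL */
        goto out;
    memset(buf, 'X', want + 1);  /* demo only: mimic non-zero heap memory */
    while (got < want && (n = read(fd, buf + got, want - got)) > 0)
        got += (size_t) n;
    buf[got] = '\0';             /* terminate at the bytes actually read */
    if (n < 0) { free(buf); buf = NULL; }  /* read error: return nothing */
out:
    close(fd);
    return buf;
}

/* Write constructed sample text to a temporary file and load it back. */
char *demo_load(const char *text)
{
    char path[] = "/tmp/mhfmtXXXXXX", *s = NULL;
    int fd = mkstemp(path);
    if (fd < 0)
        return NULL;
    if (write(fd, text, strlen(text)) == (ssize_t) strlen(text))
        s = load_format(path);
    close(fd);
    unlink(path);
    return s;
}
```

With the `buf[got] = '\0'` line removed, the `memset` filler makes the overrun visible: `strlen` on the result runs past the file's contents into the `X` bytes and beyond.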