diff options
author | Andrew Tridgell <tridge@samba.org> | 2006-09-14 16:08:13 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:18:42 -0500 |
commit | f7b29f23ad06403673a44915d5d85b09da69857a (patch) | |
tree | cd1ccb14ca6ec024e437b0f89d22e60f1a3bfda1 /source4/heimdal | |
parent | f78ff444e68aa45674310e5c679b8caef69e35c9 (diff) | |
download | samba-f7b29f23ad06403673a44915d5d85b09da69857a.tar.gz |
r18528: work around what appears to be a compiler bug in gcc on irix. It
caused the RPC-SECRETS test to crash smbd in an inlined version of
this memcmp() call. This patch should have absolutely no effect at
all, but in fact it prevents the crash.
Disassembling at the point of the crash, it shows that gcc is inlining
the memcmp(). I don't know enough MIPS assembler to actually spot the
bug. In case anyone reading this does know MIPS assembler, here is the
gcc generated code that crashes:
0x105e0218 <gssapi_krb5_verify_header+168>: lw $t1,52($sp)
0x105e021c <gssapi_krb5_verify_header+172>: lw $t1,0($t1)
0x105e0220 <gssapi_krb5_verify_header+176>: lhu $t1,0($t1)
0x105e0224 <gssapi_krb5_verify_header+180>: lw $t2,68($sp)
0x105e0228 <gssapi_krb5_verify_header+184>: lhu $t2,0($t2)
0x105e022c <gssapi_krb5_verify_header+188>: subu $t1,$t1,$t2
it gets a segv at 0x105e0220.
lha, what do you think of this? The change should be innocuous on all
other platforms, apart from making the code harder to read :(
(This used to be commit 95455b57893c99d6d2dc20c4f75042ae4c1cfe85)
Diffstat (limited to 'source4/heimdal')
-rw-r--r-- | source4/heimdal/lib/gssapi/decapsulate.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/source4/heimdal/lib/gssapi/decapsulate.c b/source4/heimdal/lib/gssapi/decapsulate.c index 90e037f09bd..08df361776c 100644 --- a/source4/heimdal/lib/gssapi/decapsulate.c +++ b/source4/heimdal/lib/gssapi/decapsulate.c @@ -110,7 +110,7 @@ gssapi_krb5_verify_header(u_char **str, if (len < 2) return GSS_S_DEFECTIVE_TOKEN; - if (memcmp (*str, type, 2) != 0) + if ((*str)[0] != type[0] || (*str)[1] != type[1]) return GSS_S_DEFECTIVE_TOKEN; *str += 2; |