Crash in sendto_kdc.c

mogasale.tech mogasale.tech at gmail.com
Fri Oct 5 05:25:11 EDT 2018


Thanks Greg. Will try that out and confirm.

Regards,
Rama

On Fri, 5 Oct 2018 at 01:31, Greg Hudson <ghudson at mit.edu> wrote:

> [Removing kfwdev from the CC line; we no longer have a separate Windows
> development team, so just krbdev is fine.]
>
> On 10/04/2018 08:47 AM, mogasale.tech wrote:
> > conn.out.sgbuf[0] = {len = 4, buff = ‘\0’}
> > conn.out.sgbuf[1] = {len = 1882, buff = ‘some data’}
> > conn.out.sgp = {len=??? buf=??? }
> > conn.out.sg_count = -10339
> > conn.out.msg_len_buf = ""
> > nwritten = 3199132154
>
> Thanks for the additional information.  I think I finally know what is
> going wrong here: SOCKET_WRITEV() is trying to return -1, but due to the
> intricacies of the C type system, it is being treated as 2^32-1 on
> 64-bit Windows.
>
> The fix I would like to try is to edit src/include/port-sockets.h and
> change the first definition of SOCKET_WRITEV to:
>
> #define SOCKET_WRITEV(FD, SG, LEN, TMP)                         \
>      (WSASend((FD), (SG), (LEN), &(TMP), 0, 0, 0) ?              \
>       (ssize_t)-1 : (ssize_t)(TMP))
>
> where the change is the addition of the (ssize_t) casts.
>
> Without the casts, the type of the conditional expression is unsigned
> 32-bit, because -1 has type int and TMP has type DWORD, and unsigned
> wins over signed for integer types of equal size.  The quantity -1 in
> that type has the value 2^32-1.  When that value is cast to ssize_t
> (signed 64-bit on 64-bit Windows), it retains the large positive value
> instead of reverting back to -1 as it would on 32-bit Windows.
>
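
The conversion described in the quoted message, as an added example that is not from the original thread or the krb5 source: `dword_t`, `ssize64_t`, `fake_wsasend()` and `error_detected()` are hypothetical stand-ins for DWORD, 64-bit Windows ssize_t, WSASend() and a caller's `< 0` check, so the behaviour reproduces on any platform with a 32-bit int.

```c
#include <stdint.h>
#include <stdio.h>

typedef uint32_t dword_t;   /* stand-in for DWORD (unsigned 32-bit) */
typedef int64_t ssize64_t;  /* stand-in for ssize_t on 64-bit Windows */

/* Hypothetical stub for WSASend(): 0 and *sent set on success, nonzero on failure. */
static int fake_wsasend(int fail, dword_t len, dword_t *sent)
{
    if (fail)
        return -1;
    *sent = len;
    return 0;
}

/* Without the casts: int -1 and unsigned 32-bit TMP give an unsigned 32-bit result. */
#define WRITEV_NOCAST(FAIL, LEN, TMP) \
    (fake_wsasend((FAIL), (LEN), &(TMP)) ? -1 : (TMP))

/* With the casts from the message: both arms are already signed 64-bit. */
#define WRITEV_CAST(FAIL, LEN, TMP) \
    (fake_wsasend((FAIL), (LEN), &(TMP)) ? (ssize64_t)-1 : (ssize64_t)(TMP))

ssize64_t writev_nocast(int fail, dword_t len)
{
    dword_t tmp = 0;
    ssize64_t nwritten = WRITEV_NOCAST(fail, len, tmp); /* widened after the damage */
    return nwritten;
}

ssize64_t writev_cast(int fail, dword_t len)
{
    dword_t tmp = 0;
    ssize64_t nwritten = WRITEV_CAST(fail, len, tmp);
    return nwritten;
}

/* Assumed caller-side check: a failed write is recognised by a negative count. */
int error_detected(ssize64_t nwritten) { return nwritten < 0; }

int main(void)
{
    /* 1886 = 4 + 1882, the two sgbuf lengths shown in the report (constructed input). */
    printf("no cast, failure: %lld\n", (long long)writev_nocast(1, 1886));
    printf("cast,    failure: %lld\n", (long long)writev_cast(1, 1886));
    printf("no cast, success: %lld\n", (long long)writev_nocast(0, 1886));
    return 0;
}
```

Building with `-Wextra` (GCC) makes the compiler flag the signedness change in the uncast conditional expression.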

