[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: Suspicous code in kdelibs-3.5.2
From: "Christoph Bartoschek" <bartoschek () gmx ! de>
Date: 2006-04-05 18:45:13
Message-ID: 8974.1144262713 () www094 ! gmx ! net
[Download RAW message or body]
> > - kdefx/kpixmap.cpp:62
> >
> > i+n easily reaches the array bound 16. For example if n == 15
and i ==
> > 14, then bm[29][0] is accessed. This is way behind the array
bound.
>
> false positive. it's a 16x16 array and the code is taking
advantage of the
> fact that it's contiguous memory... so bm[29] is actually the
15th element
> in
> the second "row"... fun.
I guess you mean bm[29][0], because bm[29] = 1 gives an compiler
error:
No. The 15th element in the second row would be bm[0][29]
For an array[16][16] the position bm[i][j] is equal to *(bm +
i*16+j)
Here code that shows the fact:
#include <iostream>
void print(int arr[16][16]) {
for (int i = 0; i != 16; ++i) {
for (int j = 0; j != 16; ++j) {
std::cout << arr[i][j];
}
std::cout << "\n";
}
}
int main() {
int arr[16][16];
for (int i = 0; i != 16; ++i)
for (int j = 0; j != 16; ++j)
arr[i][j] = 0;
arr[29][0] = 1;
std::cout << "\nAfter arr[29[0] = 1\n\n";
print(arr);
arr[0][29] = 1;
std::cout << "\nAfter arr[0][29] = 1\n\n";
print(arr);
}
--
GMX Produkte empfehlen und ganz einfach Geld verdienen!
Satte Provisionen für GMX Partner: http://www.gmx.net/de/go/partner
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic