Bad pointer math results in memory corruption, death
Bug #237468 reported by LaMont Jones
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| star (Ubuntu) | Fix Released | Undecided | Unassigned | |
Bug Description
Binary package hint: star
In the buffer management code of star, a pointer is rounded using integer math. Sadly, gcc changed some time ago to properly do integer math, which results in incorrect results when the pointer has the sign bit on.
The attached patch corrects the issue.
lamont
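The failure mode described in this report, as an added illustration that is not part of the original report and is not star's source code. It assumes the rounding is a round-up to an alignment boundary done through a signed 32-bit integer; the addresses are constructed and the function names `roundup_signed`, `roundup_unsigned` and `overshoot` are hypothetical.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper (not star's code): round a 32-bit address up to a
 * multiple of align by way of a signed integer, the pattern assumed here. */
static uint32_t roundup_signed(uint32_t addr, int32_t align)
{
    int32_t v = (int32_t)addr;          /* bit 31 set -> negative value */
    /* Signed division truncates toward zero. For negative v that is
     * already a round-up, so the "+ align - 1" bias overshoots. */
    v = (v + (align - 1)) / align * align;
    return (uint32_t)v;
}

/* Same rounding in unsigned arithmetic. For real pointers use uintptr_t. */
static uint32_t roundup_unsigned(uint32_t addr, uint32_t align)
{
    return (addr + (align - 1)) / align * align;
}

/* Bytes by which the signed version lands past the correct boundary. */
static uint32_t overshoot(uint32_t addr, uint32_t align)
{
    return roundup_signed(addr, (int32_t)align) - roundup_unsigned(addr, align);
}

int main(void)
{
    /* Constructed sample addresses; the last three have the sign bit set. */
    const uint32_t samples[] = { 0x08049234u, 0xbf801234u, 0xbf802000u, 0xbf802001u };
    const uint32_t align = 4096;

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint32_t a = samples[i];
        printf("addr=0x%08" PRIx32 " signed=0x%08" PRIx32
               " unsigned=0x%08" PRIx32 " overshoot=%" PRIu32 "\n",
               a, roundup_signed(a, (int32_t)align),
               roundup_unsigned(a, align), overshoot(a, align));
    }
    return 0;
}
```

An overshoot of one alignment unit places the rounded pointer that far past the intended boundary, so a buffer sized for the correct boundary is overrun by the same amount.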
I stumbled upon this patch purely by coincidence, after a year-long battle trying to make star work again.
For what it's worth, applying this made star work properly (read: it went from "The damn thing doesn't even start up" to "Wow, so it *does* work after all!") again, which hasn't been the case for ages.
Can this please be applied to the package? Also a backport (to at least 8.04) would be wonderful.