From fc6e910e69f49cd482966eb9af3f27c0b65bcf4b Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 2 Oct 2010 11:13:34 +0200 Subject: s3: Fix a 64-bit BUG Quick explanation why this is a problem: It is not safe to pass a pointer to a uint32_t into a routine that expects a size_t *. The routine that this pointer is passed to has no chance to find out that in reality it was passed a pointer to a uint32_t. On platforms where sizeof(size_t)==8, we get a nice overwrite of a stack area that should not be overwritten. As this happens over an over again: Does someone know a means to make gcc stop with an error in this case? Volker
---
lib/util/asn1.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/util')
diff --git a/lib/util/asn1.c b/lib/util/asn1.c
index c4923343e2..7e37fbc91b 100644
--- a/lib/util/asn1.c
+++ b/lib/util/asn1.c
@@ -1011,7 +1011,7 @@ NTSTATUS asn1_full_tag(DATA_BLOB blob, uint8_t tag, size_t *packet_size)
 NTSTATUS asn1_peek_full_tag(DATA_BLOB blob, uint8_t tag, size_t *packet_size)
 {
 struct asn1_data asn1;
- uint32_t size;
+ size_t size;
 bool ok;

 ZERO_STRUCT(asn1);
--
cgit
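Review bot: The new `size_t size;` declaration in asn1_peek_full_tag carries no comment tying its type to the callee that writes through its address, so a later cleanup could narrow it again and reintroduce the out-of-bounds stack write on builds where sizeof(size_t)==8. I would add `/* must stay size_t: &size is handed to a routine that stores a size_t through it */` directly above the declaration. The call that takes `&size` and the rest of the function body lie outside this hunk, so it cannot be confirmed from here that no cast at the call site hides the pointer-type mismatch from the compiler. That is worth checking, since this parser presumably handles length fields taken from untrusted input.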