[1088] in Coldmud discussion meeting


[COLD] db corruption bug (finally!)

daemon@ATHENA.MIT.EDU (Wed Sep 18 23:10:01 1996 )

From: silovic@srce.hr (Miroslav Silovic)
To: coldstuff@cold.org
Date: Thu, 19 Sep 1996 04:49:43 +0200 (MET DST)


The cause was that the size of floats was calculated wrongly. Floats should
be cast to ints before sending them to size_long. This way, they were
actually /converted/ to ints, and compression gave the wrong size. Oops!
The final result was that the previous object in the binary db trampled a
valid object, causing a SEGV on mallocs when bogus string/list lengths were read.

Brandon, could you put this into p14, since the bug is rather trivial,
and has VERY bad consequences for people who do floats?

	Miro

--------------------------------------------------------------------
*** old_dbpack.c        Thu Sep 19 04:42:36 1996
--- dbpack.c    Thu Sep 19 04:30:15 1996
***************
*** 711,727 ****
      size += size_long(data->type);
      switch (data->type) {
  
        case INTEGER:
        size += size_long(data->u.val);
        break;
  
        case FLOAT:
!         size += size_long(*((cFloat*)(&data->u.fval)));
          break;
  
        case STRING:
        size += string_packed_size(data->u.str);
        break;
  
        case OBJNUM:
        size += size_long(data->u.objnum);
--- 711,727 ----
      size += size_long(data->type);
      switch (data->type) {
  
        case INTEGER:
        size += size_long(data->u.val);
        break;
  
        case FLOAT:
!         size += size_long(*((Long*)(&data->u.fval)));
          break;
  
        case STRING:
        size += string_packed_size(data->u.str);
        break;
  
        case OBJNUM:
        size += size_long(data->u.objnum);
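
Review bot: The new FLOAT case reads the float's storage through a cast pointer, `*((Long*)(&data->u.fval))`, which is only correct if Long and cFloat have the same size, and nothing in this hunk checks that. If Long is wider, size_long sees bytes beyond fval and the computed size can again disagree with what is actually written, which is the same class of failure the message describes. Copying the bytes of fval into a local Long with memcpy, or reading a Long member of the same union if one exists, avoids both the width assumption and the aliasing problem of dereferencing a pointer of a different type. A compile-time or startup check that sizeof(Long) equals sizeof(cFloat) would make the assumption explicit. The hunk covers only the size calculation, so it is worth confirming that the code that writes and reads floats takes the bit pattern the same way, and a short comment on the FLOAT case saying that the bits, not the numeric value, are being sized would keep the cast from being "corrected" back later.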