[Mauiusers] Bug in MRes.c in maui 3.2.6p14

Thomas Cataldo tcataldo at gmail.com
Thu Sep 1 06:18:10 MDT 2005


I investigated this file after trying to find the source of a maui
crash with valgrind. Valgrind detected an invalid read of size 1 on
the following piece of code, starting at line 4303:

    for (aindex = 0;aindex < MAX_MACL;aindex++) {
      if (J->Cred.CL[aindex].Type == maDuration) {
          OTime = J->Cred.CL[aindex].Value;
          J->Cred.CL[aindex].Value = Overlap;
          break;
      }
    }    

    if (J->Cred.CL[aindex].Type == maNONE) {   <---- valgrind error here
      ....

The problem shown by valgrind is simple: in some cases the for loop
goes to aindex == MAX_MACL. After that all the code is broken because
we are working on memory that is not even part of the array (confirmed
by valgrind). I'm submitting this to you because for sure this piece
of code is buggy, but I have absolutely no idea of how to fix it.

I am still analysing other valgrind traces to find the double free bug
that is killing our scheduler. I will probably submit more problems
like this one in the near future.

Regards,
Thomas.
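
The out-of-range index described in the message above, as an added example that is not part of the original post and not code from the Maui source. The type layout, the enum values, the small MAX_MACL and the function names find_type and set_duration are assumptions made for illustration; the guard shown is one way to avoid the read at CL[MAX_MACL], not the project's fix.

```c
#include <stdio.h>

/* Constructed stand-ins for the names in the post; sizes and enum values
   are assumptions, not taken from the Maui source. */
#define MAX_MACL 4
enum { maNONE = 0, maUser, maDuration };
typedef struct { int Type; long Value; } macl_t;

/* Same search shape as the loop in the post: when no entry matches, the
   loop ends with aindex == MAX_MACL, one past the last valid element. */
static int find_type(const macl_t *cl, int type) {
  int aindex;
  for (aindex = 0; aindex < MAX_MACL; aindex++) {
    if (cl[aindex].Type == type)
      break;
  }
  return aindex;
}

/* Guarded variant: swap in the new duration value and hand back the old one.
   Returns 0 on success, -1 when no maDuration entry exists. The index is
   range-checked before any cl[aindex] access, so cl[MAX_MACL] is never read. */
int set_duration(macl_t *cl, long overlap, long *otime) {
  int aindex = find_type(cl, maDuration);
  if (aindex >= MAX_MACL)
    return -1;               /* not found: caller decides what to do */
  *otime = cl[aindex].Value;
  cl[aindex].Value = overlap;
  return 0;
}

int main(void) {
  /* Constructed sample data: no maDuration entry, the case valgrind flagged. */
  macl_t cl[MAX_MACL] = {{maUser, 1}, {maNONE, 0}, {maNONE, 0}, {maNONE, 0}};
  long otime = -1;

  printf("no duration entry: index=%d rc=%d\n",
         find_type(cl, maDuration), set_duration(cl, 30, &otime));

  cl[2].Type = maDuration;
  cl[2].Value = 100;
  printf("with duration entry: rc=%d old=%ld new=%ld\n",
         set_duration(cl, 30, &otime), otime, cl[2].Value);
  return 0;
}
```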

