View Issue Details

IDProjectCategoryView StatusLast Update
0017099CommunityOCCT:Data Exchangepublic2009-06-24 15:21
Reporterabv Assigned Togka  
PrioritynormalSeveritytrivial 
Status closedResolutionfixed 
OSAll 
Fixed in Version6.2.1 
Summary0017099: [OCC Forum] bug in reading IGES file
DescriptionThis bug is reported by JMB on OCC Forum thread 10581
(http://www.opencascade.org/org/forum/thread_10581):

-----------

Hello,

Just to mention that there is a bug in Interface_ParamSet::Append when reading
the General section of an IGES file.
This method has as input a String, and try to store it inside some local array
of characters.

The problem is in the following lines of code :

// .. Gestion locale des caracteres ..
Standard_Integer i;
if (thelnval + lnval + 1 > thelnres) {
// Reservation de caracteres insuffisante : d abord augmenter
Standard_Integer newres = thelnres*2;
char* newval = new char[newres];

As you can guess (even if you don't understand french comments), if the size of
the string to add (lnval) tends to be greater than the current allocated size
(thelnres), then it tries to do some reallocation job by growing the reserved
size by twice.
Well I must admit that this is an original implementation of reallocation

And what if the string to add still have a greater size after multiplying by
2... ?
Yes, it will probaly crash soon or later because there is writing in memory non-
allocated

Hope OCC team will correct this.

Regards.

Jean Michel
TagsNo tags attached.
Test case number

Attached Files

  • bug17099.tar.gz (1,709 bytes)

Relationships

related to 0017026 closedgka Open CASCADE Problem of reading an IGES files 

Activities

2007-10-02 15:18

 

bug17099.tar.gz (1,709 bytes)

Issue History

Date Modified Username Field Change
2007-09-28 13:31 abv BugsThisDependsOn => 17026
2007-09-28 13:33 abv CC => gka
2007-10-02 17:22 bugmaster Status closed => assigned
2007-10-02 17:22 bugmaster Resolution suspended => @0@
2007-10-02 17:23 bugmaster Assigned To bugmaster => gka
2007-10-02 17:25 gka Status assigned => resolved
2007-10-09 17:42 bugmaster Status resolved => tested
2007-10-25 18:34 bugmaster Status tested => verified
2009-06-24 17:21 bugmaster Status verified => closed
2009-06-24 17:21 bugmaster Resolution @0@ => fixed
2011-08-02 11:12 bugmaster Category OCCT:DTE => OCCT:Data Exchange