[issue1006] digest is down; suggestions welcome

Johannes Hofmann Johannes.Hofmann at gmx.de
Wed May 14 14:03:12 PDT 2008

Jost Tobias Springenberg <jspringe at uos.de> wrote:
> On Wed, 14 May 2008 16:06:19 -0400 (EDT)
> "Justin C. Sherrill" <justin at shiningsilence.com> wrote:
>> On Wed, May 14, 2008 2:49 pm, Dionysus Blazakis wrote:
>> > It seems there was an off-by-one error in the strspn code in our libc.
>> >  The buffer was a byte too small and resulted in overwriting the saved
>> > ebx which was the offset to the GOT -- but only if strspn was used
>> > with a \xff in the second string.
>> >
>> > I have a patch here:
>> > http://dblaz.beevomit.org/dfly/strspn.patch
>> >
>> > I've verified it fixes the PHP problem.  Also, I tested it against a
>> > small program that called strspn with a \xff in the second string and
>> > verified that ebx was correctly restored (unlike prior to the patch).
>> This fixed it - the Digest is back up, thanks to Dave.
>> This would be worth bringing back to 1.12.2.
> It definitely would be,
> just as a side-note, I am curious if that also may have something to do with Johannes Problem
> that he mentioned in the gcc Fortran base thread and here: 
> http://leaf.dragonflybsd.org/mailarchive/users/2007-11/msg00032.html
> If that's pure nonsense ignore it but i remember him having problems with strspn !?

As far as I can see it's unrelated. It seems to be another libc bug
that has been fixed in FreeBSD some time ago:


More information about the Bugs mailing list