Re: AW: [Enigma-devel] Enigma v1.01 crash on x86_64

[Ronald Lamprecht]

Hi,

Lochmann, Andreas wrote:
> thanks for the detailed bug report :-)

Thanks for this full-fledged report for a very critical and nasty bug.

The bug arises from the enigma core libraries written by the project 
founders in some basic functions not being reviewed or changed since 
several Enigma versions. In ecl_util.cc in funciton vstrf() the initial 
buffer size is rather small. Due to the long string of player names this 
buffer now gets reallocated. But the author of this function did not 
notice that when looping he evaluates the var args twice without 
intermediated reinitialization. This is a serious pointer bug that leads 
likely to a crash.

BTW the used function vsnprintf() seems not to be as portable as the 
author did assume. I found several report that the return value can 
differ from the expected ones. This can cause trouble on other systems, too.

This bug is system independent and can effect any Enigma version of the 
releases 1.00 and 1.01 as theses releases do handle long strings in the 
 evaluation of the ratings files.

An update of Enigma 1.01 would not reach the uncounted Enigma users in 
time. As the next major release is due within the next months I will fix 
this bug just on the 1.10 development trunk.

To avoid trouble with the installed Enigma version I will truncate the 
critical strings in the ratings file by a special routine in the 
evaluation software. Even though I would be able to update the critical 
ratings file of all Enigma installations being online within 5 days I 
will likely provide a fixed ratings in a fortnight with the new 
statistics update.

With this ratings update all Enigma 1.00 and 1.01 should be stable 
again. Unfortunatly this means that we have to branch the ratings in 
future to be able to take full advantage of features in a new branch 
while maintaing compatibility for the buggy 1.00 and 1.01 in the old 
branch :-(

Thanks again for the valuable bug report,

Ronald