View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0002093 | JEDI VCL | 00 JVCL Components | public | 2004-08-25 02:18 | 2004-08-25 04:28 |
| Reporter | maxp | Assigned To | AHUser | ||
| Priority | normal | Severity | major | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Product Version | |||||
| Target Version | Fixed in Version | ||||
| Summary | 0002093: JvInterpreter Typ2Size bug (potential GPF and crash!) | ||||
| Description | Let's consider script (pay attention to array of SmallInt declaration): unit TestUnit; procedure main; var I: Integer; A: array[0..10] of SmallInt; begin for I := 0 to 10 do A[I] := 100*I*I; ShowMessage(IntToStr(A[10])); end; end. The Typ2Size function is called while executing this script in function JvInterpreterArrayInit: .... PP^.ElementSize := Typ2Size(ItemType) .... It returns 1 for type SmallInt. Below in JvInterpreterArrayInit function the next lines are executed: .... .... GetMem(PP^.Memory, ArraySize * PP^.ElementSize); //<<(*)>> //ZeroMemory(PP^.Memory, ArraySize * PP^.ElementSize); FillChar(PP^.Memory^, ArraySize * PP^.ElementSize, 0); .... .... while debugging, it is clear that in line marked as <<(*)>> wrong space allocated for array (only 11 bytes in this example while correct space is 22 bytes for array of 11 elements of SmallInt). I think it is potentially very dangerous bug! | ||||
| Additional Information | It seems that in Typ2Size function (see piece of it): ... varByte: Result := SizeOf(Byte); varSmallint: Result := SizeOf(varSmallint); (*!!*) varDate: Result := SizeOf(Double); ... line marked as (*!!*) should be Result := SizeOf(Smallint); | ||||
| Tags | No tags attached. | ||||
|
2004-08-25 03:55
|
JvInterpreterShow0002093bug.zip (1,531 bytes) |
|
2004-08-25 03:56
|
JvInterpreterFix000209bug.zip (41,994 bytes) |
|
|
Program in JvInterpreterShow0002093bug.zip demonstrates this bug (element with index 10 of array of small int gets wrong value -- I've got 2826 -- instead of 10). With fixed version of JvInterpreter all is ok. |
|
|
Thanks for the fix. It is now in the CVS. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2004-08-25 02:18 | maxp | New Issue | |
| 2004-08-25 03:55 | maxp | File Added: JvInterpreterShow0002093bug.zip | |
| 2004-08-25 03:56 | maxp | File Added: JvInterpreterFix000209bug.zip | |
| 2004-08-25 04:00 | maxp | Note Added: 0005088 | |
| 2004-08-25 04:28 | AHUser | Status | new => resolved |
| 2004-08-25 04:28 | AHUser | Resolution | open => fixed |
| 2004-08-25 04:28 | AHUser | Assigned To | => AHUser |
| 2004-08-25 04:28 | AHUser | Note Added: 0005090 |
