[Debian-med-packaging] Bug#689367: Conflicting array sizes in union possibly causing undefined behaviour

[Michael Tautschnig]

Package: ctn
Version: 3.0.6-13

While building the package using our research compiler infrastructure we noticed
the following conflicting declarations:

- apps/dcm_create_object/gram_mod.c:

{
        unsigned long   num;
        char            str[1024+1];
        char            *s;
        DCM_OBJECT      *o;
        DCM_ELEMENT     *e;
        LST_HEAD        *l;
        void            *v;
} YYSTYPE;

- apps/dcm_create_object/gram.h (included by lex_mod.c):

{
        unsigned long   num;
        char            str[DICOM_LO_LENGTH+1];     <<<---- DICOM_LO_LENGTH expands to 64
        char            *s;
        DCM_OBJECT      *o;
        DCM_ELEMENT     *e;
        LST_HEAD        *l;
        void            *v;
} YYSTYPE;

The differing array sizes of str (1025 vs. 65 characters) may cause undefined
behaviour if assumptions about the storage size of the union are made in either
code.

Best,
Michael

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/debian-med-packaging/attachments/20121001/5637d11e/attachment.pgp>