Ticket #117 (closed defect: fixed)
[PATCH] darwin_async_io_callback data truncation
Reported by: rogueresearch | Owned by: hjelmn
The private function darwin_async_io_callback() has a bug.
It is correctly declared with the IOAsyncCallback1 signature:
static void darwin_async_io_callback (void *refcon, IOReturn result, void *arg0)
Note the last param is a pointer and thus either 32 or 64 bit in size, depending on architecture.
The last lines of code in the function are:
The last line is wrong on 64 bit architectures. And a wonderful example of why it is preferable to use sizeof() on a variable, and not on a type. That's done for the first 2, but not the last two.
Attached is an *untested* patch that fixes the above. I also reviewed use of sizeof() in the same file and fixed a few others.
I'm hoping this is why libusb is broken for me on ppc64 but working on x86_64. On big endian, only the most significant (likely 0) bytes are written.
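The endianness effect described in this ticket, as an added example that is not part of the ticket or of libusb: it models writing only the first 4 bytes of an 8-byte pointer-sized value versus writing sizeof the variable. The 4-byte type size, the helper names and the sample values are assumptions, since the ticket does not show the affected line.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum byte_order { ORDER_LITTLE, ORDER_BIG };

/* Lay out a 64-bit pointer-sized value the way it sits in memory on that CPU. */
static void store_u64(uint8_t out[8], uint64_t v, enum byte_order order)
{
    for (int i = 0; i < 8; i++) {
        int shift = (order == ORDER_BIG) ? (7 - i) * 8 : i * 8;
        out[i] = (uint8_t)(v >> shift);
    }
}

/* Interpret the first n bytes (n = 4 or 8) as an integer in the same byte order. */
static uint64_t load_uint(const uint8_t *in, size_t n, enum byte_order order)
{
    uint64_t v = 0;
    for (size_t i = 0; i < n; i++) {
        size_t shift = (order == ORDER_BIG) ? (n - 1 - i) * 8 : i * 8;
        v |= (uint64_t)in[i] << shift;
    }
    return v;
}

/* Model of write(fd, &arg0, nbytes) and a reader consuming nbytes:
 * only the first nbytes of arg0's storage cross the pipe. */
static uint64_t pipe_roundtrip(uint64_t arg0, size_t nbytes, enum byte_order order)
{
    uint8_t storage[8], pipe_buf[8] = {0};
    store_u64(storage, arg0, order);
    memcpy(pipe_buf, storage, nbytes);          /* the "write" */
    return load_uint(pipe_buf, nbytes, order);  /* the "read"  */
}

int main(void)
{
    uint64_t arg0 = 512; /* constructed small value held in a 64-bit arg0 */
    printf("4 bytes, little endian: %llu\n",
           (unsigned long long)pipe_roundtrip(arg0, 4, ORDER_LITTLE));
    printf("4 bytes, big endian:    %llu\n",
           (unsigned long long)pipe_roundtrip(arg0, 4, ORDER_BIG));
    printf("8 bytes, big endian:    %llu\n",
           (unsigned long long)pipe_roundtrip(arg0, sizeof(arg0), ORDER_BIG));
    return 0;
}
```

With a small value the 4-byte write happens to survive on a little-endian 64-bit machine and comes out as zero on a big-endian one, which matches the x86_64 versus ppc64 difference the reporter describes.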
Changed 21 months ago by rogueresearch
comment:1 Changed 21 months ago by rogueresearch
- Owner set to hjelmn
- Status changed from new to assigned