|Subject:||Bug in PosIdx?|
|Posted by:||Ivan Cruz (iv…@artha.com.br)|
|Date:||Wed, 20 Oct 2004|
I think I hit a bug in PosIdx when receiving a malformed
header. In IdGlobal, line 2301 we have:
Dec(LenS, LenSubStr); //Length(S)-Length(SubStr) +1(!) MUST BE >0
if LenS <= 0 then begin
The problem here is "LenS" is declared "Cardinal" and as
such will never been less than 0. In that case PosIdx
starts looking for substrings in invalid memory positions.
Eventualy PosIdx find a substring anywere and calling routine
DecodeHeader (in IdCoderHeader) causes a GPF.
Changing LenS to Integer causes a compiler warning but solves
All the modules and lines cited are from the fresh new