I have modified the SGPropertyNode interface to support node removal
and address the issues you mention yesterday.
I added the SGPropertyNode_ptr class that is a smart pointer that
increment and decrement a counter in SGPropertyNode. The _children
vector is changed to a vector<SGPropertyNode_ptr> in order for the
node to hold a reference to its children. I also added a
_removedChildren vector of the same type. When removeChild is called
with the keep parameter set to true, the reference is removed from
_children and inserted in _removedChildren, and the attribute REMOVED
is set. When getChild is called with create set to true, the _children
vector is searched, then the _removedChildren and then a new node is
created. If a resurrected node is returned, the REMOVED bit is cleared.
The static const int LAST_USED_ATTRIBUTE is also added.
The footprint of this patch is light. SGPropertyNode is one int
longer in size, SGPropertyNode_ptr is one pointer large without
virtual functions. Some functions can be inlined if your current
policy change.
The FlightGear patch is to take account the change in the getChildren
function that now returns a vector<SGPropertyNode_ptr>. If the
removeChild functionnality is to be added in FlightGear, all those
SGPropertyNode * floating around should be changed to
SGPropertyNode_ptr.
Here's a first cut at SGSocket reimplemented using plib.net. I've
maintained the same TCP server behaviour, that is only one client
connection at a time. I don't think it is possible within the current
framework to handle simultaneous clients.
I've also added two simple test programs, tcp_client and tcp_server.
Here is a total rewrite of the strutils package. I've reimplemented the
trimleft(), trimright() and trim() functions as lstrip(), rstrip() and
strip() respectively. Additionally I've added a split() function that
behaves like its perl/python equivalent. Just the thing for splitting
comma separated option strings or space separated telnet commands and
arguments. I've also enclosed the whole thing in a namespace
simgear::strutils. Since I seem to be the only one who uses these
functions, SimGear and FlightGear compile without change.
PS It is no coincidence that the new function names bear an uncanny
resemblance to the python functions of the same name.
Tbis is a first patch in a series to clean up SimGear by removing
warning messages. Most of them are straight forwared, but in pops.hxx
the compile complaints about "type qualifier is meaningless on return
type". I think it's up to you to decide if you want that part applied.
A const char * is not supposed to change and cannot be deleted. So
here is a patch that remove unnecessary const from props.hxx and
props.cxx. There also is the addition of a friend directive because
nested classes do not receive special privileges and cannot access
private members of the outer class.
are things that are needed, but that many systems already have packages
available to install, and many users may have versions of these already
installed to support other projects. So rather than build and install by
default with the main SimGear build/install, these are kept separate so that
those users that don't have them already installed can build and install
them separately.
of actually using them in the flightgear event manager.
- Now that we have several add on libs we are bundling with simgear (but
not automatically built as part of the simgear build) I have moved them
to their own subdirectory (src-libs).
This module works mostly with char* and allocates memory with
strdup ... delete doesn't go well with malloc(). The transition
to string only would be nice, but some class interfaces return
char*, so it was more natural to just drop the deletes.
Here is a patch that fixes a little problem in dome.cxx: The fog_color
is created in a sgVec3 (227) but then handed over to ::repaint(), which
expects a sgVec4 (282). Then (343) center_color (although defined as
sgVec4) is only initialized with 3 values, but later (441) assigned to
'slot' via sgCopyVec4.
at several places material was copied to "buffer" using strncpy
without adding a closing '\0'. This again lead to access to non
initialized memory and potentially (and actually at least in one
case) to feeding garbage to atof(). In case the following garbage
happened to start with digits, we would get funny time
values. :-)
I just added the obligatory "buffer[n] = 0", which doesn't
really look professional now. Maybe we should use the string
class or define a helper function that strncopies =and= adds
a trailing zero?
The last hunk fixes another buglet, that wasn't dangerous
at all, but caused an error message. The loop that should cut
the string at hash marks ('#') did neither stop at such, nor at
string ends. It always scanned the whole 256 character long
buffer and accessed uninitialized memory. valgrind doesn't
like that. I dropped the 256 counter, because fgets =does=
add the closing zero. It is safe to scan until we either
get the zero or the hash mark.
interface instead of string. This will result in a lot more
efficiency later, once I add in a simple hash table for caching
lookups, since it will avoid creating a lot of temporary string
objects. The major considerations for users will be that they cannot
use
node->getName() == "foo";
any more, and will have to use c_str() when setting a string value
from a C++ string.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Zlib Advisory 2002-03-11
zlib Compression Library Corrupts malloc Data Structures via Double Free
Original release date: March 11, 2002
Last revised: March 11, 2002
Source: This advisory is based on a CERT advisory written
by Jeffrey P. Lanza http://www.kb.cert.org/vuls/id/368819
Systems Affected
* Any software that is linked against zlib 1.1.3 or earlier
* Any data compression library derived from zlib 1.1.3 or earlier
Overview
There is a vulnerability in the zlib shared library that may introduce
vulnerabilities into any program that includes zlib. This
vulnerability has been assigned a CVE name of CAN-2002-0059
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0059
I. Description
There is a vulnerability in the decompression algorithm used by the
popular zlib compression library. If an attacker is able to pass a
specially-crafted block of invalid compressed data to a program that
includes zlib, the program's attempt to decompress the crafted data
can cause the zlib routines to corrupt the internal data structures
maintained by malloc.
The vulnerability results from a programming error that causes
segments of dynamically allocated memory to be released more than once
(aka. "double-freed"). Specifically, when inftrees.c:huft_build()
encounters the crafted data, it returns an unexpected Z_MEM_ERROR to
inftrees.c:inflate_trees_dynamic(). When a subsequent call is made to
infblock.c:inflate_blocks(), the inflate_blocks function tries to free
an internal data structure a second time.
Because this vulnerability interferes with the proper allocation and
de-allocation of dynamic memory, it may be possible for an attacker to
influence the operation of programs that include zlib. In most
circumstances, this influence will be limited to denial of service or
information leakage, but it is theoretically possible for an attacker
to insert arbitrary code into a running program. This code would be
executed with the permissions of the vulnerable program.
II. Impact
This vulnerability may introduce vulnerabilities into any program that
includes the affected library. Depending upon how and where the zlib
routines are called from the given program, the resulting
vulnerability may have one or more of the following impacts: denial of
service, information leakage, or execution of arbitrary code.
III. Solution
Upgrade your version of zlib
The maintainers of zlib have released version 1.1.4 to address this
vulnerability. Any software that is linked against or derived from an
earlier version of zlib should be upgraded immediately. The latest
version of zlib is available at http://www.zlib.org
The md5 sums of the source archives are:
abc405d0bdd3ee22782d7aa20e440f08 zlib-1.1.4.tar.gz
ea16358be41384870acbdc372f9db152 zlib-1.1.4.tar.bz2
IV. Acknowledgments
Thanks to Owen Taylor and Mark Cox of Redhat, Inc. for the
reporting and research of this vulnerability.
This document is available from
http://www.gzip.org/zlib/advisory-2002-03-11.txt
The public PGP key of zlib author Jean-loup Gailly is available from
http://www.gzip.org/zlib/jloup.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8jSR02aJ9JQGWcacRAuDEAKCWdrRkWeJV9lYU5z8NN56s3m8eKACglR4m
42KDUGHuftBkwACTMCnZLEo=
=3yLS
-----END PGP SIGNATURE-----