[Solved] Pointer dereference crash while valid ptr (zziplib)

Beuc
Posts: 33
Joined: Thu Mar 26, 2009 5:04 am
Location: holland


Post by Beuc »

Hi,

I got a weird zziplib crash and I don't really understand what is going wrong %)
It's in zzip.c, line 385 (I debugged with 'gcc -g' and psplink). A pointer representing a zip file entry is dereferenced, and the PSP crashes ("Program received signal SIGHUP, Hangup.").

I tried to decompose the code, and then rewrote it using bit shifts - and then it worked.
Do you know what went wrong here?

Here are my attempts:

/* Original:
   hdr->d_off   = zzip_disk_entry_get_offset (d);
*/
/* After macro processing:
   hdr->d_off   = (*(uint32_t*)((d)->z_offset));
*/
/*
  Decompose:
  uint32_t* t_pointer = (uint32_t*)d->z_offset;
  uint32_t t_value = *t_pointer; // crashes here
  hdr->d_off = t_value;
*/
/* Doesn't crash: four byte loads assembled into a little-endian 32-bit value.
   The casts keep the shifts in unsigned arithmetic (a promoted int shifted
   by 24 would overflow when the top byte is >= 0x80). */
char* t_pointer2 = d->z_offset;
unsigned char t_value0 = t_pointer2[0];
unsigned char t_value1 = t_pointer2[1];
unsigned char t_value2 = t_pointer2[2];
unsigned char t_value3 = t_pointer2[3];
hdr->d_off = ((uint32_t)t_value3 << 24) | ((uint32_t)t_value2 << 16) | ((uint32_t)t_value1 << 8) | ((uint32_t)t_value0);
Last edited by Beuc on Fri Apr 17, 2009 6:22 am, edited 1 time in total.
jbit
Site Admin
Posts: 293
Joined: Sat May 28, 2005 3:11 am
Location: København, Danmark

Post by jbit »

My random guess is that d->z_offset isn't always four bytes aligned? Which is a real issue on most RISC machines ;)

The original is doing a 32-bit load which needs the pointer to be aligned to 4 bytes, and your "doesn't crash" code is doing 8-bit loads which don't care.
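The alignment explanation above, as an added stand-alone example (not code from the thread or from zziplib): it places a 4-byte little-endian field at byte offset 42 of a constructed buffer, the offset Beuc mentions, shows that the address fails a 4-byte alignment check, and reads it with two alignment-safe methods (byte assembly, and memcpy into an aligned local). The record layout, buffer contents and function names are assumptions for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Hypothetical record layout: a 4-byte little-endian field sits at byte
 * offset 42, mirroring the offset mentioned in the thread. */
#define FIELD_OFFSET 42

/* Returns 1 if p is a multiple of `align` bytes, 0 otherwise. */
int is_aligned(const void *p, size_t align)
{
    return ((uintptr_t)p % align) == 0;
}

/* Byte-wise little-endian 32-bit load: four 8-bit loads, so it is valid
 * at any address and independent of host byte order. */
uint32_t load_le32(const unsigned char *p)
{
    return (uint32_t)p[0]
         | ((uint32_t)p[1] << 8)
         | ((uint32_t)p[2] << 16)
         | ((uint32_t)p[3] << 24);
}

/* Alternative: memcpy into a properly aligned local. The compiler emits an
 * alignment-safe copy; the result is in host order, so swap on big-endian
 * hosts to keep the little-endian meaning of the on-disk field. */
uint32_t load_le32_memcpy(const unsigned char *p)
{
    uint32_t v;
    uint16_t probe = 1;
    memcpy(&v, p, sizeof v);
    if (*(const unsigned char *)&probe == 0) {   /* big-endian host */
        v = (v >> 24) | ((v >> 8) & 0x0000ff00u)
          | ((v << 8) & 0x00ff0000u) | (v << 24);
    }
    return v;
}

/* Constructed sample buffer. The union forces 4-byte alignment of the base,
 * so base + 42 is guaranteed to be misaligned by 2 bytes. */
static union {
    unsigned char b[64];
    uint32_t force_align;
} sample;

static void init_sample(void)
{
    memset(sample.b, 0, sizeof sample.b);
    /* little-endian encoding of 0x12345678 */
    sample.b[FIELD_OFFSET + 0] = 0x78;
    sample.b[FIELD_OFFSET + 1] = 0x56;
    sample.b[FIELD_OFFSET + 2] = 0x34;
    sample.b[FIELD_OFFSET + 3] = 0x12;
}

/* 0 when the field address is not 4-byte aligned (the crash condition). */
int sample_field_is_aligned(void)
{
    return is_aligned(sample.b + FIELD_OFFSET, 4);
}

uint32_t read_sample_field(void)
{
    init_sample();
    return load_le32(sample.b + FIELD_OFFSET);
}

uint32_t read_sample_field_memcpy(void)
{
    init_sample();
    return load_le32_memcpy(sample.b + FIELD_OFFSET);
}

int main(void)
{
    printf("field address aligned to 4: %s\n",
           sample_field_is_aligned() ? "yes" : "no");
    printf("byte-wise load: 0x%08x\n", (unsigned)read_sample_field());
    printf("memcpy load:    0x%08x\n", (unsigned)read_sample_field_memcpy());
    /* The one thing not to do at this address on a strict-alignment CPU:
     *   uint32_t v = *(const uint32_t *)(sample.b + FIELD_OFFSET);
     * which is exactly the cast the original macro performs. */
    return 0;
}
```

On x86 the cast-and-dereference form silently works, which is why the bug stays hidden on a desktop build and only surfaces on MIPS; a build with `-fsanitize=undefined` (or `-fsanitize=alignment`) flags the misaligned dereference even on x86.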
Beuc
Posts: 33
Joined: Thu Mar 26, 2009 5:04 am
Location: holland

Post by Beuc »

This could well be the reason, the field is at offset 42 in the structure.
It didn't crash when I did it manually from GDB though!

I'm surprised it works for other devs. Admittedly my .zip is special as it's appended to EBOOT.PBP (with zip -A), in an attempt to create bundled resources, so it has a non-zero offset :) However the code that parses d->z_offset is always executed AFAICS.

I'm going to submit a patch for this; do you think my solution is fine, or is there a better way?
Beuc
Posts: 33
Joined: Thu Mar 26, 2009 5:04 am
Location: holland

Post by Beuc »

And here's the patch:
http://forums.ps2dev.org/viewtopic.php?t=11869

zziplib already has code similar to mine (__zzip_get32(c)), I made it use it in all little-endian cases.