The code used to send and receive data from sockets through Ada
streams (in GNAT.Sockets) may be bogus if an empty array is sent or
expected to be received. An empty array will have its upper bound
smaller than its lower bound, but the code in GNAT.Sockets assumes
that the difference is always one.

One could argue that the suspicious Read and Write subprograms with
this flaw are not present in the spec, and that GNAT will not call
them with empty arrays while writing data onto the stream using stream
attributes; however, it is possible to obtain a Stream_Access which is
an access to those private stream types. The Read and Write
subprograms then become usable from outside the package through
dispatching, as they are overloads of Ada.Streams.Root_Stream_Type
primitive operations.

Thanks to Laurent Guerby for pointing this out.


-- 
           Summary: Socket stream subprograms incorrectly handling null
                    arrays
           Product: gcc
           Version: 4.4.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: ada
        AssignedTo: unassigned at gcc dot gnu dot org
        ReportedBy: sam at gcc dot gnu dot org


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=35953
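
An added illustration of the report above (not code from GNAT.Sockets or from the reporter): a hypothetical in-memory stream type, Mem_Stream, whose Read and Write size their transfers with 'Length instead of bound arithmetic, called by dispatching through an access-to-class-wide value with a constructed null array whose upper bound is not 'First - 1. The local Stream_Access type, the package Mem and the 16-element buffer are assumptions made for the example.

```ada
with Ada.Streams; use Ada.Streams;
with Ada.Text_IO; use Ada.Text_IO;

procedure Null_Array_Stream is
   package Mem is
      --  Hypothetical in-memory stream standing in for a socket stream
      type Mem_Stream is new Root_Stream_Type with record
         Data : Stream_Element_Array (1 .. 16);
         Used : Stream_Element_Offset := 0;
      end record;
      overriding procedure Read
        (S : in out Mem_Stream; Item : out Stream_Element_Array;
         Last : out Stream_Element_Offset);
      overriding procedure Write
        (S : in out Mem_Stream; Item : Stream_Element_Array);
   end Mem;

   package body Mem is
      overriding procedure Read
        (S : in out Mem_Stream; Item : out Stream_Element_Array;
         Last : out Stream_Element_Offset)
      is
         --  'Length is 0 for every null range, whatever the bounds are
         N : constant Stream_Element_Offset :=
           Stream_Element_Offset'Min (Item'Length, S.Used);
      begin
         Last := Item'First + N - 1;  --  Item'First - 1 when nothing is read
         Item (Item'First .. Last) := S.Data (1 .. N);
         S.Data (1 .. S.Used - N) := S.Data (N + 1 .. S.Used);
         S.Used := S.Used - N;
      end Read;

      overriding procedure Write
        (S : in out Mem_Stream; Item : Stream_Element_Array) is
      begin
         --  A null Item makes both sides null slices: nothing is copied
         S.Data (S.Used + 1 .. S.Used + Item'Length) := Item;
         S.Used := S.Used + Item'Length;
      end Write;
   end Mem;

   type Stream_Access is access all Root_Stream_Type'Class;
   Buffer : aliased Mem.Mem_Stream;
   S      : constant Stream_Access := Buffer'Access;
   Empty  : Stream_Element_Array (5 .. 1);  --  constructed null array
   Last   : Stream_Element_Offset;
begin
   --  Bound arithmetic and 'Length disagree for this null array
   Put_Line (Stream_Element_Offset'Image (Empty'Last - Empty'First + 1));
   Put_Line (Integer'Image (Empty'Length));
   Write (S.all, Empty);  --  dispatching calls, as through a stream access
   Read (S.all, Empty, Last);
   Put_Line (Stream_Element_Offset'Image (Last));
end Null_Array_Stream;
```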
