<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Verdana
}
--></style>
</head>
<body class='hmmessage'>
<br><div>> "+CMGR:" is 6 characters. Variable position is pointing at the first one,</div><div>> so after executing line 178, variable beginning points *past* the</div><div>> terminating zero and into invalid memory, does it not?</div><div><br></div><div>> Then "end=beginning;" is executed, and next "*end" from</div><div>> the for-loop condition is an invalid access.<br></div><div><br></div><div>Perhaps I can express more clearly what I think is wrong by</div><div>proposing fixes, which may or may not be the correct fixes:</div><div><br></div><div>proposition 1: change line 171 to:</div><div> position=strstr(answer,"+CMGR: ");</div><div><br></div><div>proposition 2: change line 178 to:</div><div> beginning=position+6;</div><div><br></div><div>But both these propositions may have subtle side-effects, so I don't</div><div>know which is right. Proposition 1 changes the execution path</div><div>of the function if "+CMGR:,,0\r" is a possible answer. Proposition 2</div><div>adds a space at the beginning of the substring pointed to by variable</div><div>"beginning" copied to pdu at line 192.</div><div><br></div><div>While we are looking at this code, I think that the test</div><div>"end-beginning<4" at line 188 is always false, but this is a completely</div><div>orthogonal issue, and probably harmless. Perhaps the bug is that</div><div>this condition shouldn't be tested at line 185 though, in which case it</div><div>is not completely harmless.</div><div><br></div><div>Pascal</div><div><br></div> <br /><hr />Hotmail: Free, trusted and rich email service. <a href='https://signup.live.com/signup.aspx?id=60969' target='_new'>Get it now.</a></body>
</html>