Bug Four Answer

This is a word-alignment problem. In pack, a memcpy call is used to copy
the int to an arbitrary position in memory. In unpack, however, the void
pointer is simply cast to an int pointer and dereferenced. This won't work
(on most machines) if the pointer does not hold an address that is a
multiple of 4. That is the difference between the first and second calls
to unpack in the hint program. In the first case, the int just happens to
be at an address which is a multiple of four (since the string is 4 bytes
long, including the terminating null). In the second case, the int is out
of alignment.

I found this bug in the wild about a week ago while I was programming
multiplayer networked Tetris. The pack and unpacking ideas are used to put
together data in a packet format to be sent via TCP/IP.

This is just another example of why your favorite random string should not
have length one less than a multiple of four (since otherwise you would
never notice this bug)!
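
One way to fix unpack, as an added example (not the original puzzle code): read the int back with memcpy, mirroring pack, so the read works at any offset. The function names, the [string][int] packet layout and the sample strings are assumptions, and the alignment check assumes a 4-byte int.

```c
#include <stdio.h>
#include <string.h>

/* Constructed example: function names and packet layout are assumptions. */
union packet { int force_align; unsigned char bytes[64]; };

/* Copy a NUL-terminated string into the packet; returns the next offset. */
static size_t pack_str(unsigned char *buf, size_t off, const char *s) {
    size_t n = strlen(s) + 1;
    memcpy(buf + off, s, n);
    return off + n;
}

/* memcpy has no alignment requirement, so the int can land at any offset. */
static void pack_int(unsigned char *buf, size_t off, int v) {
    memcpy(buf + off, &v, sizeof v);
}

/* Broken pattern from the answer: return *(const int *)p;
 * Fixed: copy the bytes into a properly aligned local, mirroring pack. */
static int unpack_int(const void *p) {
    int v;
    memcpy(&v, p, sizeof v);
    return v;
}

/* 1 if an int packed right after string s would sit on an int boundary. */
static int int_after_str_is_aligned(const char *s) {
    return (strlen(s) + 1) % sizeof(int) == 0;
}

/* Pack [string][int], then read the int back from wherever it landed. */
static int roundtrip(const char *s, int v) {
    union packet pkt;
    if (strlen(s) + 1 + sizeof v > sizeof pkt.bytes)
        return -1;                       /* would not fit in the packet */
    size_t off = pack_str(pkt.bytes, 0, s);
    pack_int(pkt.bytes, off, v);
    return unpack_int(pkt.bytes + off);
}

int main(void) {
    const char *samples[] = { "abc", "abcd" };   /* constructed inputs */
    for (int i = 0; i < 2; i++)
        printf("%-5s aligned=%d value=%d\n", samples[i],
               int_after_str_is_aligned(samples[i]), roundtrip(samples[i], 1234));
    return 0;
}
```

The string "abc" reproduces the lucky case from the hint program (4 bytes with the null), while "abcd" puts the int at offset 5, where only the memcpy version is safe.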