Date: Mon, 7 Apr 1997 09:05:51 +0900 (JST) From: h-nokubi@nmit.mt.nec.co.jp To: FreeBSD-gnats-submit@freebsd.org Subject: bin/3218: syscons causes segmentation fault by repeating cancel with ESC at FTP site setting Message-ID: <199704070005.JAA00580@p28.sss.abk.nec.co.jp> Resent-Message-ID: <199704070440.VAA20856@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 3218
>Category: bin
>Synopsis: syscons causes segmentation fault by repeating cancel with ESC at FTP site setting
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Apr 6 21:40:03 PDT 1997
>Last-Modified:
>Originator: NOKUBI Hirotaka
>Organization:
NEC Microcomputer Technology Ltd., Tokyo, Japan
>Release: FreeBSD 2.2.1-RELEASE i386
>Environment:
FreeBSD fifthluna.nokubi.or.jp 2.2.1-RELEASE FreeBSD 2.2.1-RELEASE #1: Sat Apr 5 16:07:50 JST 1997 root@sassaby.nokubi.or.jp:/usr/src/.ports/2.2.1-RELEASE/sys/compile/HN2 i386
>Description:
Cancel FTP site selection menu with ESC for a few times.
Sysinstall cause segmentation fault.
>How-To-Repeat:
slightly complicated, sorry.
Invoke sysinstall, then follow these sequences.
7, SPC, 5, SPC, 2, SPC, SPC, SPC, n, ESC, SPC, 2, SPC, 2, SPC
<enter URL>, RET, SPC, n, <fill out network configuration>, <OK>,
SPC, 2, SPC, n, SPC, n, SPC, n, ESC, SPC, 2, SPC, SPC, SPC, n, ESC,
SPC, 2, SPC, 2, SPC, <enter URL>, RET, SPC, n, ESC, SPC, 2, SPC,
SPC, SPC, n, ESC, SPC, 2, SPC
>Fix:
variable_unset() frees next of the specified one.
here is patch.
--- variable.c Sat Apr 5 15:23:26 1997
+++ variable.c.corrected Sat Apr 5 15:03:03 1997
@@ -131,9 +131,9 @@
if (!strcmp(vp->name, var)) {
Variable *save = vp->next;
+ safe_free(vp->name);
+ safe_free(vp->value);
*vp = *save;
- safe_free(save->name);
- safe_free(save->value);
safe_free(save);
break;
}
I'm not sure, but following code is also something wrong.
void
variable_unset(char *var)
{
Variable *vp;
char name[512], *cp;
unsetenv(var);
if ((cp = index(var, '=')) != NULL) {
sstrncpy(name, cp, cp - var);
var = string_skipwhite(string_prune(name));
}
....
....
For example, `var' points the string:
"site=ftp://ftp.freebsd.org/pub/FreeBSD/"
above code copies "=ftp". How is it used? I can't understand it.
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199704070005.JAA00580>