Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 13 Oct 2003 07:30:18 -0700 (PDT)
From:      Maxim Konovalov <maxim@macomnet.ru>
To:        freebsd-bugs@FreeBSD.org
Subject:    Re: bin/56696: atacontrol core dump (sscanf on unintialized pointer)
Message-ID:  <200310131430.h9DEUINj022527@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The following reply was made to PR bin/56696; it has been noted by GNATS.

From: Maxim Konovalov <maxim@macomnet.ru>
To: Igor Truszkowski <igort@intergate.pl>
Cc: sos@freebsd.org, bug-followup@freebsd.org
Subject: Re: bin/56696: atacontrol core dump (sscanf on unintialized pointer)
Date: Mon, 13 Oct 2003 18:27:41 +0400 (MSD)

 Please try enclosed patch.
 
 Index: atacontrol.c
 ===================================================================
 RCS file: /home/ncvs/src/sbin/atacontrol/atacontrol.c,v
 retrieving revision 1.26
 diff -u -r1.26 atacontrol.c
 --- atacontrol.c	24 Aug 2003 09:23:54 -0000	1.26
 +++ atacontrol.c	13 Oct 2003 14:22:34 -0000
 @@ -339,14 +339,19 @@
  		int disk, dev, offset;
 
  		iocmd.cmd = ATARAIDCREATE;
 -		if (!strcmp(argv[2], "RAID0") || !strcmp(argv[2], "stripe"))
 -			iocmd.u.raid_setup.type = 1;
 -		if (!strcmp(argv[2], "RAID1") || !strcmp(argv[2],"mirror"))
 -			iocmd.u.raid_setup.type = 2;
 -		if (!strcmp(argv[2], "RAID0+1"))
 -			iocmd.u.raid_setup.type = 3;
 -		if (!strcmp(argv[2], "SPAN") || !strcmp(argv[2], "JBOD"))
 -			iocmd.u.raid_setup.type = 4;
 +		if (argc > 2) {
 +			if (!strcmp(argv[2], "RAID0") ||
 +			    !strcmp(argv[2], "stripe"))
 +				iocmd.u.raid_setup.type = 1;
 +			if (!strcmp(argv[2], "RAID1") ||
 +			    !strcmp(argv[2], "mirror"))
 +				iocmd.u.raid_setup.type = 2;
 +			if (!strcmp(argv[2], "RAID0+1"))
 +				iocmd.u.raid_setup.type = 3;
 +			if (!strcmp(argv[2], "SPAN") ||
 +			    !strcmp(argv[2], "JBOD"))
 +				iocmd.u.raid_setup.type = 4;
 +		}
  		if (!iocmd.u.raid_setup.type) {
  			fprintf(stderr, "atacontrol: Invalid RAID type\n");
  			fprintf(stderr, "atacontrol: Valid RAID types : \n");
 @@ -356,7 +361,7 @@
  		}
 
  		if (iocmd.u.raid_setup.type & 1) {
 -			if (!sscanf(argv[3], "%d",
 +			if (argc < 4 || !sscanf(argv[3], "%d",
  				    &iocmd.u.raid_setup.interleave) == 1) {
  				fprintf(stderr, "atacontrol: Invalid interleave\n");
  				exit(EX_USAGE);
 %%%
 
 -- 
 Maxim Konovalov, maxim@macomnet.ru, maxim@FreeBSD.org

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200310131430.h9DEUINj022527>