Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 10 Oct 2002 07:05:47 +0200
From:      Poul-Henning Kamp <phk@critter.freebsd.dk>
To:        Giorgos Keramidas <keramida@freebsd.org>
Cc:        audit@freebsd.org
Subject:   Re: mdconfig core dump 
Message-ID:  <29424.1034226347@critter.freebsd.dk>
In-Reply-To: Your message of "Thu, 10 Oct 2002 01:05:33 %2B0300." <20021009220532.GA21391@hades.hell.gr>
next in thread | previous in thread | raw e-mail | index | archive | help 
In message <20021009220532.GA21391@hades.hell.gr>, Giorgos Keramidas writes:
>Tonight, on a world compiled from last night's sources, mdconfig(8)
>started dumping cores for me.  The stack trace was:
>
>#0  0x080491da in strsep ()
>#1  0x08048961 in list (fd=3) at /usr/src/sbin/mdconfig/mdconfig.c:219
>#2  0x080487cc in main (argc=2, argv=0xbfbffaf0) at
>    /usr/src/sbin/mdconfig/mdconfig.c:176
>#3  0x08048139 in _start ()
>
>Does the following look a reasonable change?  It seems that strsep()
>starts getting angry when fed a non-nul-terminated buffer.

Absolutely.  Commit it.
>
>%%%
>Index: mdconfig.c
>===================================================================
>RCS file: /home/ncvs/src/sbin/mdconfig/mdconfig.c,v
>retrieving revision 1.23
>diff -u -r1.23 mdconfig.c
>--- mdconfig.c	21 Aug 2002 15:15:15 -0000	1.23
>+++ mdconfig.c	9 Oct 2002 22:01:19 -0000
>@@ -211,8 +211,9 @@
> 
> 	if (sysctlbyname("kern.disks", NULL, &dll, NULL, 0) == -1)
> 		err(1, "sysctlbyname: kern.disks");
>-	if ( (disklist = malloc(dll)) == NULL)
>+	if ( (disklist = malloc(dll + 1)) == NULL)
> 		err(1, "malloc");
>+	bzero(disklist, dll + 1);
> 	if (sysctlbyname("kern.disks", disklist, &dll, NULL, 0) == -1)
> 		err(1, "sysctlbyname: kern.disks");
> 
>%%%
>

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?29424.1034226347>