Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 4 Feb 2005 17:30:07 +0100 (CET)
From:      Martin Birgmeier <martin@email.aon.at>
To:        FreeBSD-gnats-submit@FreeBSD.org
Subject:   bin/77104: [patch] fixes to ppp dumping core when doing log/command substitutions
Message-ID:  <200502041630.j14GU78R001634@gandalf.xyzzy>
Resent-Message-ID: <200502041630.j14GUIsA094017@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         77104
>Category:       bin
>Synopsis:       [patch] fixes to ppp dumping core when doing log/command substitutions
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Feb 04 16:30:17 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator:     Martin Birgmeier
>Release:        FreeBSD 4.10-RELEASE i386
>Organization:
MBi at home
>Environment:
System: FreeBSD gandalf.xyzzy 4.10-RELEASE FreeBSD 4.10-RELEASE #0: Sun Jul 4 12:28:27 CEST 2004 root@gandalf.xyzzy:/d/6s4e/OBJ/FreeBSD/RELENG_4_10_0_RELEASE/src/sys/GANDALF i386

>Description:
	User ppp dumps core when using log substitutions

	In spite of what whoever is writing in
	http://www.freebsd.org/cgi/query-pr.cgi?pr=59995 at Mon Oct
	11 11:16:04 GMT 2004, the problem still persists, and the
	fix given there (and repeated here) for command.c is still
	valid and necessary for RELENG_4, RELENG_5, and HEAD.

	Hint: The reason why the fix is correct lies in the following
	line from command.c:

	    ntgt = realloc(tgt, ltgt += lnewstr - loldstr);

	Just think about it!

>How-To-Repeat:
	Start ppp; use logfile (or command) substitutions which expand the
	string (e.g., "HISADDR", which would be expanded to a string like
	"192.168.55.245")

>Fix:

*** usr.sbin/ppp/command.c.ORIG	Sat Dec  6 21:31:04 2003
--- usr.sbin/ppp/command.c	Sat Dec  6 21:32:06 2003
***************
*** 452,458 ****
        tgt = ntgt;
      }
      if (lnewstr > loldstr)
!       bcopy(word + loldstr, word + lnewstr, ltgt - pos - loldstr);
      bcopy(newstr, word, lnewstr);
    } while ((word = strstrword(word, oldstr)));
  
--- 452,458 ----
        tgt = ntgt;
      }
      if (lnewstr > loldstr)
!       bcopy(word + loldstr, word + lnewstr, ltgt - pos - lnewstr);
      bcopy(newstr, word, lnewstr);
    } while ((word = strstrword(word, oldstr)));
  

--
Martin Birgmeier

Vienna
Austria
>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200502041630.j14GU78R001634>