Date:      Mon, 11 Oct 2004 11:17:25 +0100
From:      Brian Somers <brian@FreeBSD.org>
To:        freebsd-bugs@FreeBSD.org
Subject:   Re: bin/59995: various fixes to ppp dumping core
Message-ID:  <20041011111725.154ac69c@dev.lan.Awfulhak.org>
In-Reply-To: <200410060604.i9664L7p017952@freefall.freebsd.org>
References:  <200410060604.i9664L7p017952@freefall.freebsd.org>

On Wed, 6 Oct 2004 06:04:21 GMT, Gleb Smirnoff <glebius@FreeBSD.org> wrote:
> Synopsis: various fixes to ppp dumping core
> 
> Responsible-Changed-From-To: freebsd-bugs->brian
> Responsible-Changed-By: glebius
> Responsible-Changed-When: Wed Oct 6 06:03:18 GMT 2004
> Responsible-Changed-Why: 
> Over to ppp(8) maintainer.
> 
> http://www.freebsd.org/cgi/query-pr.cgi?pr=59995

As already suggested, free(NULL) is ok to do, so no patch to chap.c is
necessary.

The proposed patch to command.c is wrong.

Consider

    subst("hello world!", "world", "universe")

The line

      ntgt = realloc(tgt, ltgt += lnewstr - loldstr);

allocates 16 bytes (13 + 8 - 5).  The lines

    if (lnewstr > loldstr)
      bcopy(word + loldstr, word + lnewstr, ltgt - pos - loldstr);

copy the end of the string ("!\000"):

      bcopy(word + 5, word + 8, 2)

With the command.c patch this would become

      bcopy(word + 5, word + 8, -1)

The proposed patch to ncp.c has already been fixed in -current to support
WARNS=3.

-- 
Brian <brian@Awfulhak.org>                        <brian@[uk.]FreeBSD.org>
      <http://www.Awfulhak.org>                    <brian@[uk.]OpenBSD.org>
Don't _EVER_ lose your sense of humour !
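
The arithmetic in the message above, worked through as an added example (not code from the ppp source, the PR's patch, or the message's author). `subst_first`, `checked_shift` and `as_copy_len` are hypothetical helpers; only the first occurrence is replaced, and the guard shows why a length of -1 has to be rejected before it reaches a copy routine whose length parameter is `size_t`.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* bcopy()/memmove() take a size_t length, so a signed -1 arrives as SIZE_MAX. */
static size_t as_copy_len(int len) { return (size_t)len; }

/* Shift len bytes inside a cap-byte buffer; refuse a negative length or
 * any range that would leave the buffer. */
static int checked_shift(char *buf, size_t cap, size_t from, size_t to, int len)
{
    if (len < 0 || from > cap || to > cap ||
        (size_t)len > cap - from || (size_t)len > cap - to)
        return -1;
    memmove(buf + to, buf + from, (size_t)len);
    return 0;
}

/* Hypothetical helper: replace the first oldstr in malloc()ed tgt.
 * Returns the (possibly moved) buffer; on failure frees tgt, returns NULL. */
static char *subst_first(char *tgt, const char *oldstr, const char *newstr)
{
    char *word = strstr(tgt, oldstr);
    if (word == NULL) return tgt;
    size_t pos = (size_t)(word - tgt), ltgt = strlen(tgt) + 1;
    size_t loldstr = strlen(oldstr), lnewstr = strlen(newstr), cap = ltgt;
    int tail = (int)(ltgt - pos - loldstr);   /* "!\0" = 2 in the message's case */
    if (lnewstr > loldstr) {
        cap = ltgt + (lnewstr - loldstr);     /* 13 + 8 - 5 = 16 */
        char *ntgt = realloc(tgt, cap);
        if (ntgt == NULL) { free(tgt); return NULL; }
        tgt = ntgt;
    }
    if (checked_shift(tgt, cap, pos + loldstr, pos + lnewstr, tail) != 0) { free(tgt); return NULL; }
    memcpy(tgt + pos, newstr, lnewstr);
    return tgt;
}

int main(void)
{
    char *s = malloc(13);                     /* constructed sample input */
    if (s == NULL) return 1;
    strcpy(s, "hello world!");
    s = subst_first(s, "world", "universe");
    printf("%s, (size_t)-1 = %zu\n", s ? s : "(failed)", as_copy_len(-1));
    free(s);
    return 0;
}
```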


