DragonFly BSD
 

Message5066

Author pierre.riteau
Recipients
Date 2008-07-26.21:06:05
Content
OK, I tracked it down to an off-by-one that was probably corrupting
malloc internals.

A quick grep through the code found the same issue in other files
(looks like copy and paste).

Diff inline below.

Pierre Riteau

Index: contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_caps.c
===================================================================
RCS file: /home/dcvs/src/contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_caps.c,v
retrieving revision 1.1.1.1
diff -p -u -r1.1.1.1 conn_caps.c
--- contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_caps.c	12 Mar 2008 22:15:54 -0000	1.1.1.1
+++ contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_caps.c	26 Jul 2008 18:50:59 -0000
@@ -285,7 +285,7 @@ dfui_caps_fe_ll_request(struct dfui_conn
 	 * Construct a message.
 	 */

-	fmsg = aura_malloc(strlen(msg) + 1, "exchange message");
+	fmsg = aura_malloc(strlen(msg) + 2, "exchange message");
 	fmsg[0] = msgtype;
 	strcpy(fmsg + 1, msg);
 	dfui_debug("SEND<<%s>>\n", fmsg);
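Review bot: The `+ 2` in the aura_malloc() size is a bare constant, and nothing on that line says it covers the msgtype byte stored at fmsg[0] plus the NUL that strcpy(fmsg + 1, msg) writes. Spell it as `1 + strlen(msg) + 1` or add a one-line comment naming both bytes, so a later cleanup does not reduce it back to `+ 1`.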
Index: contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_npipe.c
===================================================================
RCS file: /home/dcvs/src/contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_npipe.c,v
retrieving revision 1.1.1.1
diff -p -u -r1.1.1.1 conn_npipe.c
--- contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_npipe.c	12 Mar 2008 22:15:54 -0000	1.1.1.1
+++ contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_npipe.c	26 Jul 2008 18:49:00 -0000
@@ -340,7 +340,7 @@ dfui_npipe_fe_ll_request(struct dfui_con
 	 * Construct a message.
 	 */

-	fmsg = malloc(strlen(msg) + 1);
+	fmsg = malloc(strlen(msg) + 2);
 	fmsg[0] = msgtype;
 	strcpy(fmsg + 1, msg);

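Review bot: fmsg is written at `fmsg[0] = msgtype;` immediately after malloc() with no NULL check visible in this hunk. Since the allocation line is being changed anyway, add a check for a failed allocation before the first write, or use the aura_malloc() wrapper that conn_caps.c calls if it handles failure for the caller.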
Index: contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_tcp.c
===================================================================
RCS file: /home/dcvs/src/contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_tcp.c,v
retrieving revision 1.1.1.1
diff -p -u -r1.1.1.1 conn_tcp.c
--- contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_tcp.c	12 Mar 2008 22:15:54 -0000	1.1.1.1
+++ contrib/bsdinstaller-1.1.6/src/lib/libdfui/conn_tcp.c	26 Jul 2008 17:11:57 -0000
@@ -394,7 +394,7 @@ dfui_tcp_fe_ll_request(struct dfui_conne
 	 * Construct a message.
 	 */

-	fmsg = malloc(strlen(msg) + 1);
+	fmsg = malloc(strlen(msg) + 2);
 	fmsg[0] = msgtype;
 	strcpy(fmsg + 1, msg);
 	dfui_debug("SEND<<%s>>\n", fmsg);
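Review bot: The allocate, set type byte, strcpy sequence at `fmsg = malloc(strlen(msg) + 2);` is duplicated in conn_caps.c and conn_npipe.c, which is why the same size error had to be corrected three times. Consider moving the message construction into one shared libdfui helper that returns the framed buffer, so the length computation exists in a single place. As in conn_npipe.c, the malloc() result is used at fmsg[0] without a visible NULL check.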
History
Date                 User           Action  Args
2008-07-26 21:06:15  pierre.riteau  link    issue1080 messages
2008-07-26 21:06:05  pierre.riteau  create