[PATCH] 3.4.1 segfault
Marc Aurele La France
tsi at ualberta.ca
Thu Sep 10 08:26:44 MDT 2009
Hi.
The attached, supplied as plain text and gzipped, fixes an occasional
segfault caused by an out-of-bounds reference in config file parsing.
This likely applies to other versions as well, modulo fuzz.
Marc.
+----------------------------------+----------------------------------+
| Marc Aurele La France | work: 1-780-492-9310 |
| Academic Information and | fax: 1-780-492-1729 |
| Communications Technologies | email: tsi at ualberta.ca |
| 352 General Services Building +----------------------------------+
| University of Alberta | |
| Edmonton, Alberta | Standard disclaimers apply |
| T6G 2H1 | |
| CANADA | |
+----------------------------------+----------------------------------+
XFree86 developer and VP. ATI driver and X server internals.
-------------- next part --------------
diff -adNpru samba-3.4.1/source3/lib/interfaces.c devel-3.4.1/source3/lib/interfaces.c
--- samba-3.4.1/source3/lib/interfaces.c 2009-09-09 06:40:43.000000000 -0600
+++ devel-3.4.1/source3/lib/interfaces.c 2009-09-10 07:56:43.000000000 -0600
@@ -156,10 +156,6 @@ static int _get_interfaces(TALLOC_CTX *m
/* Loop through interfaces, looking for given IP address */
for (ifptr = iflist; ifptr != NULL; ifptr = ifptr->ifa_next) {
- memset(&ifaces[total], '\0', sizeof(ifaces[total]));
-
- copy_size = sizeof(struct sockaddr_in);
-
if (!ifptr->ifa_addr || !ifptr->ifa_netmask) {
continue;
}
@@ -169,6 +165,10 @@ static int _get_interfaces(TALLOC_CTX *m
continue;
}
+ memset(&ifaces[total], '\0', sizeof(ifaces[total]));
+
+ copy_size = sizeof(struct sockaddr_in);
+
ifaces[total].flags = ifptr->ifa_flags;
#if defined(HAVE_IPV6)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: devel-3.4.1.udiff.gz
Type: application/octet-stream
Size: 419 bytes
Desc:
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20090910/3291e436/attachment.obj>
More information about the samba-technical
mailing list