SOURCES: device-mapper-klibc.patch - fix null pointer dereference ...
glen
glen at pld-linux.org
Tue May 23 21:04:15 CEST 2006
Author: glen Date: Tue May 23 19:04:15 2006 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- fix null pointer dereference on 'number' parameter.
recent lvm2 (lvm2-2.02.06) could call _get_proc_number() having it NULL:
Breakpoint 2, _get_proc_number (file=0xb7f97a08 "/proc/devices", name=0xb7f97a03 "misc", number=0xbffc4abc)
Breakpoint 2, _get_proc_number (file=0xb7f97a24 "/proc/misc", name=0xb7f97a16 "device-mapper", number=0xbffc4ab8)
Breakpoint 2, _get_proc_number (file=0xb7f97a08 "/proc/devices", name=0xb7f97a16 "device-mapper", number=0x0)
so just don't touch 'number' variable for temporary storage.
---- Files affected:
SOURCES:
device-mapper-klibc.patch (1.3 -> 1.4)
---- Diffs:
================================================================
Index: SOURCES/device-mapper-klibc.patch
diff -u SOURCES/device-mapper-klibc.patch:1.3 SOURCES/device-mapper-klibc.patch:1.4
--- SOURCES/device-mapper-klibc.patch:1.3 Sat Apr 22 20:56:30 2006
+++ SOURCES/device-mapper-klibc.patch Tue May 23 21:04:09 2006
@@ -83,7 +83,7 @@
+ size++;
+ } while (num > 0 && buf[size - 1] != '\n');
+ buf[size] = '\0';
-+ if (sscanf(buf, "%d %255s\n", number, &nm[0]) == 2) {
++ if (sscanf(buf, "%d %255s\n", &num, &nm[0]) == 2) {
if (!strcmp(name, nm)) {
if (number) {
*number = num;
@@ -96,7 +96,7 @@
- } while (c != EOF && c != '\n');
- }
+ }
-+ } while (num > 0);
++ } while (size > 0);
fclose(fl);
if (number) {
================================================================
---- CVS-web:
http://cvs.pld-linux.org/SOURCES/device-mapper-klibc.patch?r1=1.3&r2=1.4&f=u
More information about the pld-cvs-commit
mailing list