Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: openbsd.org > bugs > 03 > 041171.html (Request Expert openbsd.org Support)

Re: A bug in message_add_payload()

From: Hakan Olsson <ho(at)crt.se>
Date: Tue Apr 15 2003 - 16:08:15 EDT

On Tue, 15 Apr 2003, Aref Taidi wrote:

> Dear Sir/Madam,

I'm sorry, but I do not see how that realloc call is bad. It will add space for a new "struct iovec" to msg->iov, and this new space is filled in (both variables) a few lines further down. Clearing that space before this would be pointless. I see no error here.

In fact, the calloc() call for msg->iov in message_alloc() could be replaced with a malloc() call instead, as the same thing happens there.

However, what looks a bit strange in the message_add_payload() function is the allocation of the 'payload_node' struct, as this allocated space is not zeroed, only partially filled in, and used later on during execution. I guess this may be your problem, although I have not checked if those other variables in 'payload_node' are actually used later.

Here's a diff for it:

Index: message.c


RCS file: /cvs/src/sbin/isakmpd/message.c,v retrieving revision 1.57 
diff -u -r1.57 message.c
--- message.c   11 Sep 2002 09:50:44 -0000      1.57
+++ message.c   15 Apr 2003 19:59:31 -0000
@@ -1343,10 +1343,10 @@
Do you need help?X

   struct iovec *new_iov;
   struct payload *payload_node;

  • payload_node = malloc (sizeof *payload_node); + payload_node = calloc (1, sizeof *payload_node); if (!payload_node) {
  • log_error ("message_add_payload: malloc (%lu) failed", + log_error ("message_add_payload: calloc (1, %lu) failed", (unsigned long)sizeof *payload_node); return -1; }

In case I missed anything regarding the realloc() code, please tell me so. If you like, also mail me a diff with a proposed solution for it.

/H 

--
Håkan Olsson         (+46) 708 437 337     Carlstedt Research
Unix, Networking, Security      (+46) 31 701 4264        & Technology AB
Received on Tue Apr 15 16:10:08 2003

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 13:29:54 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library