[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[leafnode-list] Segfault in leafnode-2.0.0.alpha20030127a
Hello all,
I just compiled and installed leafnode-2.0.0.alpha20030127a and found
that running fetchnews with the -f parameter results in a segmentation
fault. The fault occurs on line 191 of activutil.c:
while (l) {
la = l;
newsgroup_copy(active + count, l->entry);
l = l->next;
count++;
free(l->entry); <<<<---- **** Segfault here ******
free(la); /* clean up */
}
It seems that "l" is moved to the next entry without being checked for
NULL-ness and then dereferenced. An older version I have lying around
(leafnode-2.0-snapshot-20020910a) does things in a different, more
correct order:
while (l) {
la = l;
active[count].name = (l->entry)->name;
active[count].first = (l->entry)->first;
active[count].last = (l->entry)->last;
active[count].count = (l->entry)->count;
active[count].age = (l->entry)->age;
active[count].desc = (l->entry)->desc;
active[count].status = (l->entry)->status;
free(l->entry);
l = l->next;
count++;
free(la); /* clean up */
}
Rearranging the lines in the 20030127a activutil.c file to mirror the
order used in 20020910a as shown below appears to fix the problem.
while (l) {
la = l;
newsgroup_copy(active + count, l->entry);
free(l->entry);
l = l->next;
count++;
free(la); /* clean up */
}
--
Chris Mears
chris@xxxxxxxxxxxxxxxxxx
--
leafnode-list@xxxxxxxxxxxxxxxxxxxxxxxxxxxx -- mailing list for leafnode
To unsubscribe, send mail with "unsubscribe" in the subject to the list