rpms / net-tools

Clone
Source Code
GIT

Files

f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f7 f8 f9 main rawhide
  1.   f8
  2.   net-tools-1.60-interface_stack.patch
Blob Blame History Raw 
Bugzilla Bug 176714 – *** stack smashing detected ***: /sbin/ifconfig terminated

--- lib/interface.c-old	2005-12-30 11:08:15.000000000 -0800
+++ lib/interface.c	2005-12-30 11:17:02.000000000 -0800
@@ -201,10 +201,11 @@
     return err;
 }
 
-static char *get_name(char *name, char *p)
+static char *get_name(char **namep, char *p)
 {
     while (isspace(*p))
 	p++;
+    char *name = *namep = p;
     while (*p) {
 	if (isspace(*p))
 	    break;
@@ -305,9 +306,10 @@
 {
     static int proc_read; 
     FILE *fh;
-    char buf[512];
     struct interface *ife;
     int err;
+    char *line = NULL;
+    size_t linelen = 0;
 
     if (proc_read) 
 	    return 0; 
@@ -320,8 +322,11 @@
 			_PATH_PROCNET_DEV, strerror(errno)); 
 		return if_readconf();
 	}	
-    fgets(buf, sizeof buf, fh);	/* eat line */
-    fgets(buf, sizeof buf, fh);
+    if (getline(&line, &linelen, fh) == -1 /* eat line */
+	|| getline(&line, &linelen, fh) == -1) {
+		err = -1;
+		goto out;
+    }
 
 #if 0				/* pretty, but can't cope with missing fields */
     fmt = proc_gen_fmt(_PATH_PROCNET_DEV, 1, fh,
@@ -346,13 +351,13 @@
     if (!fmt)
 	return -1;
 #else
-    procnetdev_vsn = procnetdev_version(buf);
+    procnetdev_vsn = procnetdev_version(line);
 #endif
 
     err = 0;
-    while (fgets(buf, sizeof buf, fh)) {
-	char *s, name[IFNAMSIZ];
-	s = get_name(name, buf);    
+    while (getline(&line, &linelen, fh) != -1) {
+	char *s, *name;
+	s = get_name(&name, line);    
 	ife = add_interface(name);
 	get_dev_fields(s, ife);
 	ife->statistics_valid = 1;
@@ -368,6 +373,8 @@
 #if 0
     free(fmt);
 #endif
+  out:
+    free(line);
     fclose(fh);
     return err;
 }
@@ -376,8 +383,9 @@
 static int if_readlist_rep(char *target, struct interface *ife)
 {
     FILE *fh;
-    char buf[512];
     int err;
+    char *line = NULL;
+    size_t linelen = 0;
 
     fh = fopen(_PATH_PROCNET_DEV, "r");
     if (!fh) {
@@ -385,15 +393,18 @@
 			_PATH_PROCNET_DEV, strerror(errno)); 
 		return if_readconf();
 	}	
-    fgets(buf, sizeof buf, fh);	/* eat line */
-    fgets(buf, sizeof buf, fh);
+    if (getline(&line, &linelen, fh) == -1 /* eat line */
+	|| getline(&line, &linelen, fh) == -1) {
+		err = -1;
+		goto out;
+    }
 
-    procnetdev_vsn = procnetdev_version(buf);
+    procnetdev_vsn = procnetdev_version(line);
 
     err = 0;
-    while (fgets(buf, sizeof buf, fh)) {
-	char *s, name[IFNAMSIZ];
-	s = get_name(name, buf);    
+    while (getline(&line, &linelen, fh) != -1) {
+	char *s, *name;
+	s = get_name(&name, line);    
 	get_dev_fields(s, ife);
 	if (target && !strcmp(target,name))
 	{
@@ -406,6 +417,8 @@
 	err = -1;
     }
 
+  out:
+    free(line);
     fclose(fh);
     return err;
 }
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.