Bugzilla Bug 176714 – *** stack smashing detected ***: /sbin/ifconfig terminated

--- lib/interface.c-old	2005-12-30 11:08:15.000000000 -0800
+++ lib/interface.c	2005-12-30 11:17:02.000000000 -0800
@@ -201,10 +201,11 @@
     return err;
 }
 
-static char *get_name(char *name, char *p)
+static char *get_name(char **namep, char *p)
 {
     while (isspace(*p))
 	p++;
+    char *name = *namep = p;
     while (*p) {
 	if (isspace(*p))
 	    break;
@@ -305,9 +306,10 @@
 {
     static int proc_read; 
     FILE *fh;
-    char buf[512];
     struct interface *ife;
     int err;
+    char *line = NULL;
+    size_t linelen = 0;
 
     if (proc_read) 
 	    return 0; 
@@ -320,8 +322,11 @@
 			_PATH_PROCNET_DEV, strerror(errno)); 
 		return if_readconf();
 	}	
-    fgets(buf, sizeof buf, fh);	/* eat line */
-    fgets(buf, sizeof buf, fh);
+    if (getline(&line, &linelen, fh) == -1 /* eat line */
+	|| getline(&line, &linelen, fh) == -1) {
+		err = -1;
+		goto out;
+    }
 
 #if 0				/* pretty, but can't cope with missing fields */
     fmt = proc_gen_fmt(_PATH_PROCNET_DEV, 1, fh,
@@ -346,13 +351,13 @@
     if (!fmt)
 	return -1;
 #else
-    procnetdev_vsn = procnetdev_version(buf);
+    procnetdev_vsn = procnetdev_version(line);
 #endif
 
     err = 0;
-    while (fgets(buf, sizeof buf, fh)) {
-	char *s, name[IFNAMSIZ];
-	s = get_name(name, buf);    
+    while (getline(&line, &linelen, fh) != -1) {
+	char *s, *name;
+	s = get_name(&name, line);    
 	ife = add_interface(name);
 	get_dev_fields(s, ife);
 	ife->statistics_valid = 1;
@@ -368,6 +373,8 @@
 #if 0
     free(fmt);
 #endif
+  out:
+    free(line);
     fclose(fh);
     return err;
 }
@@ -376,8 +383,9 @@
 static int if_readlist_rep(char *target, struct interface *ife)
 {
     FILE *fh;
-    char buf[512];
     int err;
+    char *line = NULL;
+    size_t linelen = 0;
 
     fh = fopen(_PATH_PROCNET_DEV, "r");
     if (!fh) {
@@ -385,15 +393,18 @@
 			_PATH_PROCNET_DEV, strerror(errno)); 
 		return if_readconf();
 	}	
-    fgets(buf, sizeof buf, fh);	/* eat line */
-    fgets(buf, sizeof buf, fh);
+    if (getline(&line, &linelen, fh) == -1 /* eat line */
+	|| getline(&line, &linelen, fh) == -1) {
+		err = -1;
+		goto out;
+    }
 
-    procnetdev_vsn = procnetdev_version(buf);
+    procnetdev_vsn = procnetdev_version(line);
 
     err = 0;
-    while (fgets(buf, sizeof buf, fh)) {
-	char *s, name[IFNAMSIZ];
-	s = get_name(name, buf);    
+    while (getline(&line, &linelen, fh) != -1) {
+	char *s, *name;
+	s = get_name(&name, line);    
 	get_dev_fields(s, ife);
 	if (target && !strcmp(target,name))
 	{
@@ -406,6 +417,8 @@
 	err = -1;
     }
 
+  out:
+    free(line);
     fclose(fh);
     return err;
 }