bin/83369: [ PATCH ] incorrect handling of malloc failures within
librpcsvc's xencrypt()/xdecrypt()
Dan Lukes
dan at obluda.cz
Wed Jul 13 07:30:11 GMT 2005
>Number: 83369
>Category: bin
>Synopsis: [ PATCH ] incorrect handling of malloc failures within librpcsvc's xencrypt()/xdecrypt()
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed Jul 13 07:30:09 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Dan Lukes
>Release: FreeBSD 5.4-STABLE i386
>Organization:
Obludarium
>Environment:
System: FreeBSD 5.4-STABLE #8: Sat Jul 9 16:31:08 CEST 2005 i386
lib/librpcsvc/xcrypt.c,v 1.4 2002/03/21 23:53:40 obrien
lib/librpcsvc/Makefile,v 1.16.8.2 2005/02/13 07:23:14 obrien
>Description:
Incorrect handling of malloc failures within librpcsvc's xencrypt()/xdecrypt()
>How-To-Repeat:
>Fix:
--- patch begins here ---
--- lib/librpcsvc/xcrypt.c.ORIG Mon Jul 1 22:53:53 2002
+++ lib/librpcsvc/xcrypt.c Wed Jul 13 09:17:19 2005
@@ -63,7 +63,9 @@
int len;
len = strlen(secret) / 2;
- buf = malloc((unsigned)len);
+ if ((buf = malloc((unsigned)len)) == NULL) {
+ return(0);
+ }
hex2bin(len, secret, buf);
passwd2des(passwd, key);
@@ -96,7 +98,9 @@
int len;
len = strlen(secret) / 2;
- buf = malloc((unsigned)len);
+ if ((buf = malloc((unsigned)len)) == NULL) {
+ return(0);
+ }
hex2bin(len, secret, buf);
passwd2des(passwd, key);
--- lib/librpcsvc/Makefile.ORIG Mon Feb 14 12:33:34 2005
+++ lib/librpcsvc/Makefile Wed Jul 13 09:19:51 2005
@@ -29,6 +29,8 @@
NOMAN=
+WARNS+= 2
+
.include <bsd.lib.mk>
.SUFFIXES: .x _xdr.c
--- patch ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list