curl-users
[ curl-Bugs-611874 ] Further crashes caused in ftp.c (64-bit)
Date: Thu, 19 Sep 2002 15:16:19 -0700
Bugs item #611874, was opened at 2002-09-19 15:16
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=611874&group_id=976
Category: libcurl
Group: crash
Status: Open
Resolution: None
Priority: 5
Submitted By: Nobody/Anonymous (nobody)
Assigned to: Daniel Stenberg (bagder)
Summary: Further crashes caused in ftp.c (64-bit)
Initial Comment:
I found two more pointer arithmetic problems in ftp.c.
These also
rely on a pointer-to-integer being manipulated as a
pointer-to-char.
A second problem comes with the initialization of the
hostent_buf
structure. It should be initialized to zero for both
the struct hostent
and struct hostent_data structures. This is the patch.
Craig Markwardt
craigm_at_lheamail.gsfc.nasa.gov
--- ftp.c~ Thu Jun 13 04:21:08 2002
+++ ftp.c Thu Sep 19 17:05:32 2002
@@ -906,14 +906,16 @@
/* Bjorn Reese (November 28 2001):
The Tru64 man page on gethostbyaddr_r() says that
the hostent struct must be filled with zeroes
before the call to
- gethostbyaddr_r(). */
+ gethostbyaddr_r().
- memset(hostent_buf, 0, sizeof(struct hostent));
+ ... as must be struct hostent_data Craig
Markwardt 19 Sep 2002. */
+
+ memset(hostent_buf, 0, sizeof(struct
hostent)+sizeof(struct hostent_data));
if(gethostbyaddr_r((char *) &address,
sizeof(address), AF_INET,
(struct hostent *)hostent_buf,
- (struct hostent_data
*)(hostent_buf + sizeof(*answer))))
+ (struct hostent_data *)((char
*)hostent_buf + sizeof(*answer))))
answer=NULL;
else
answer=(struct hostent *)hostent_buf;
@@ -923,7 +925,7 @@
/* Solaris and IRIX */
answer = gethostbyaddr_r((char *) &address,
sizeof(address), AF_INET,
(struct hostent *)bigbuf,
- hostent_buf +
sizeof(*answer),
+ (char *) hostent_buf +
sizeof(*answer),
sizeof(bigbuf) -
sizeof(*answer),
&h_errnop);
# endif
@@ -931,7 +933,7 @@
/* Linux style */
if(gethostbyaddr_r((char *) &address,
sizeof(address), AF_INET,
(struct hostent *)hostent_buf,
- hostent_buf + sizeof(*answer),
+ (char *) hostent_buf +
sizeof(*answer),
sizeof(bigbuf) - sizeof(*answer),
&answer,
&h_errnop))
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=611874&group_id=976
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
Received on 2002-09-20