cURL / Mailing Lists / curl-users / Single Mail

curl-users

[ curl-Bugs-611874 ] Further crashes caused in ftp.c (64-bit)

From: <noreply_at_sourceforge.net>
Date: Thu, 19 Sep 2002 15:16:19 -0700

Bugs item #611874, was opened at 2002-09-19 15:16
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=611874&group_id=976

Category: libcurl
Group: crash
Status: Open
Resolution: None
Priority: 5
Submitted By: Nobody/Anonymous (nobody)
Assigned to: Daniel Stenberg (bagder)
Summary: Further crashes caused in ftp.c (64-bit)

Initial Comment:
I found two more pointer arithmetic problems in ftp.c.
These also
rely on a pointer-to-integer being manipulated as a
pointer-to-char.

A second problem comes with the initialization of the
hostent_buf
structure. It should be initialized to zero for both
the struct hostent
and struct hostent_data structures. This is the patch.

Craig Markwardt
craigm_at_lheamail.gsfc.nasa.gov

--- ftp.c~ Thu Jun 13 04:21:08 2002
+++ ftp.c Thu Sep 19 17:05:32 2002
@@ -906,14 +906,16 @@
   /* Bjorn Reese (November 28 2001):
      The Tru64 man page on gethostbyaddr_r() says that
      the hostent struct must be filled with zeroes
before the call to
- gethostbyaddr_r(). */
+ gethostbyaddr_r().

- memset(hostent_buf, 0, sizeof(struct hostent));
+ ... as must be struct hostent_data Craig
Markwardt 19 Sep 2002. */
+
+ memset(hostent_buf, 0, sizeof(struct
hostent)+sizeof(struct hostent_data));

   if(gethostbyaddr_r((char *) &address,
                      sizeof(address), AF_INET,
                      (struct hostent *)hostent_buf,
- (struct hostent_data
*)(hostent_buf + sizeof(*answer))))
+ (struct hostent_data *)((char
*)hostent_buf + sizeof(*answer))))
     answer=NULL;
   else
     answer=(struct hostent *)hostent_buf;
@@ -923,7 +925,7 @@
   /* Solaris and IRIX */
   answer = gethostbyaddr_r((char *) &address,
sizeof(address), AF_INET,
                            (struct hostent *)bigbuf,
- hostent_buf +
sizeof(*answer),
+ (char *) hostent_buf +
sizeof(*answer),
                            sizeof(bigbuf) -
sizeof(*answer),
                            &h_errnop);
# endif
@@ -931,7 +933,7 @@
   /* Linux style */
   if(gethostbyaddr_r((char *) &address,
sizeof(address), AF_INET,
                      (struct hostent *)hostent_buf,
- hostent_buf + sizeof(*answer),
+ (char *) hostent_buf +
sizeof(*answer),
                      sizeof(bigbuf) - sizeof(*answer),
                      &answer,
                      &h_errnop))

----------------------------------------------------------------------

You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=611874&group_id=976

-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
Received on 2002-09-20

This message: [ Message body ]
Next message: Ralph Mitchell: "Re: I lost my double quotes!"
Previous message: noreply_at_sourceforge.net: "[ curl-Bugs-611823 ] segfault ftp'ing (revised 611811)"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]