Several Bugs in cfengine 2.0.4?

[Andreas Poenicke]

Hallo,

having some trouble with a segmentation fault,
I did an intense debugging of cfengine 2.0.4.

Probably there are some problems:

========================================

cfagent.c:
----------

Line 122: 
In ParseInputFiles(), DeleteParser() is called.
This includes free(LINKTO). Nevertheless LINKTO
is used intensively later on.

Line 300:
        RAND_bytes(s,16) 
        seed=ElfHash(s)

ElfHash seems to assume a NULL terminated string.
But "RAND_bytes() puts num cryptographically strong 
pseudo-random bytes into buf." This means s is not
NULL terminated and even can have zeros earlier.
Therefor probably a loop " while(*s){... *s++ ...} "
like in ElfHash is not a good idea.

========================================

init.c:
------ 
Line 140:
SIGNALS[SIGINT] is defined a second time. 
-> Small memory leak.

========================================

install.c -> do.c -> link.c
------

The Argument "nofile" calling functions like
  int LinkChildFiles(from,to,type,inclusions,exclusions,copy,nofile,ptr)        
(of link.c) seems to be never initialised.
        
At least I can't find anything in 
install.c,L1757: void  InstallLinkChildrenItem(from,to) 
or later on.

========================================

do.c
----
lp->filters seems to be not initialized in MakeChildLinks,
before calling in line 444  RecursiveLink()

========================================

parse.c
-------
L.104 via the if(){} statement the function can
be left without calling DeleteParser().
This gives rise to a memory leak, if there is no 
update.conf. 

==================================================

Sorry, that I don't contribute any patches but the
whole source is to complex for me. Hope this helps
nevertheless.

Regards,
Andreas
-- 
Andreas Poenicke
Institut f"ur Theoretische Festk"orperphysik
Universit"at Karlsruhe, Wolfgang-Gaede-Str. 1, D-76128 Karlsruhe
e-mail: address@hidden