[bug-inetutils] Potential segmentation fault in ifconfig

bug-inetutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug-inetutils] Potential segmentation fault in ifconfig

From:	Diego Nieto Cid
Subject:	[bug-inetutils] Potential segmentation fault in ifconfig
Date:	Fri, 30 Jul 2010 13:16:14 -0300

Here is a trace of the execution path leading to the segmentation fault:

| void parse_cmdline (int argc, char *argv[]) {
|  if (!ifs) {
|  /* No interfaces specified.  Get a list of all interfaces.  */
|  struct if_nameindex *ifnx, *ifnxp;
|  ifnx = ifnxp = if_nameindex ();
|
|      struct if_nameindex * if_nameindex (void) {
|        #if defined(SIOCGIFCONF)
|        int fd = socket (AF_INET, SOCK_DGRAM, 0);
|        [...]
|        if (fd < 0)
|        return NULL;
|
|  while (ifnxp->if_index != 0 || ifnxp->if_name != NULL)

This path is reproducible when running on the Hurd while the pfinet
translator have not been started for eth0 as in that case the socket()
call returns -1. But that's another story :)

The point is that parse_cmdline should check for error conditions
signaled by if_nameindex (a NULL return value) and take appropriate
actions when that is the case.

[Prev in Thread]

Current Thread

[Next in Thread]

[bug-inetutils] Potential segmentation fault in ifconfig, Diego Nieto Cid <=
- Re: [bug-inetutils] Potential segmentation fault in ifconfig, Alfred M. Szmidt, 2010/07/31

Prev by Date: Re: [bug-inetutils] inetutils-1.8 - ifconfig -a doesn't work as expected
Next by Date: [bug-inetutils] [patch cont.] Mending client tftp for IPv6
Previous by thread: [bug-inetutils] On additions to libinetutils.a for IPv6
Next by thread: Re: [bug-inetutils] Potential segmentation fault in ifconfig
Index(es):
- Date
- Thread