[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug-inetutils] Potential segmentation fault in ifconfig
From: |
Diego Nieto Cid |
Subject: |
[bug-inetutils] Potential segmentation fault in ifconfig |
Date: |
Fri, 30 Jul 2010 13:16:14 -0300 |
Here is a trace of the execution path leading to the segmentation fault:
| void parse_cmdline (int argc, char *argv[]) {
| if (!ifs) {
| /* No interfaces specified. Get a list of all interfaces. */
| struct if_nameindex *ifnx, *ifnxp;
| ifnx = ifnxp = if_nameindex ();
|
| struct if_nameindex * if_nameindex (void) {
| #if defined(SIOCGIFCONF)
| int fd = socket (AF_INET, SOCK_DGRAM, 0);
| [...]
| if (fd < 0)
| return NULL;
|
| while (ifnxp->if_index != 0 || ifnxp->if_name != NULL)
This path is reproducible when running on the Hurd while the pfinet
translator have not been started for eth0 as in that case the socket()
call returns -1. But that's another story :)
The point is that parse_cmdline should check for error conditions
signaled by if_nameindex (a NULL return value) and take appropriate
actions when that is the case.
- [bug-inetutils] Potential segmentation fault in ifconfig,
Diego Nieto Cid <=