Bug 119655

Summary: Network naming code loses track of existing interfaces
Product: [Fedora] Fedora
Reporter: Alex Kiernan <alex.kiernan>
Component: kudzu
Assignee: Bill Nottingham <notting>
Status: CLOSED RAWHIDE
QA Contact: David Lawrence <dkl>
Severity: medium
Priority: medium
Version: rawhide
CC: rvokal
Hardware: All
OS: Linux
Fixed In Version: 1.1.54-1
Doc Type: Bug Fix
Last Closed: 2004-04-01 05:05:08 UTC
Attachments:
Fix dangling pointer problem (flags: none)

Description Alex Kiernan 2004-04-01 04:38:58 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)

Description of problem:
The scanning code for existing interfaces stores pointers into
malloc()ed memory which is freed prior to being used (crashes if using
ElectricFence).

In kudzu.c:

  1079                  b = buf = bufFromFd(fd);
...
  1087                                  devname=buf+7;
...
  1097                  tmpdev->dev = devname;
...
  1104                  free(b);

tmpdev->dev is now dangling. Further down it's used:

  1117                                  dev->device = strdup(tmpdev->dev);

If building with ElectricFence, this crashes; if not, new interfaces
get created for existing ones.

Version-Release number of selected component (if applicable):
kudzu-1.1.53-1

How reproducible:
Always

Steps to Reproduce:
1. LD_PRELOAD=libefence.so.0.0 kudzu --probe

Additional info:

Problem probably doesn't manifest if the various ifcfg- files don't 
have DEVICE and HWADDR lines.
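
An added illustration of the pattern described above, not the attached patch (which this page does not show) and not kudzu's code: copy each value out of the buffer while it is still live, so nothing points into it after free(). The struct, the function names and the sample input are hypothetical; dupstr() stands in for strdup() and the duplicated text for bufFromFd(fd).

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct netcfg { char *dev; char *hwaddr; };  /* hypothetical record; owns both strings */

static char *dupstr(const char *s)   /* ISO C stand-in for POSIX strdup() */
{
    char *p = malloc(strlen(s) + 1);
    return p ? strcpy(p, s) : NULL;
}

static void netcfg_clear(struct netcfg *c)
{
    free(c->dev);
    free(c->hwaddr);
    c->dev = c->hwaddr = NULL;
}

/* Returns 0 when DEVICE and HWADDR were both found; *out never points into b. */
static int parse_ifcfg(const char *text, struct netcfg *out)
{
    char *b = dupstr(text), *buf = b, *next;   /* b stands in for bufFromFd(fd) */
    out->dev = out->hwaddr = NULL;
    for (; buf && *buf; buf = next) {
        if ((next = strchr(buf, '\n')) != NULL)
            *next++ = '\0';              /* terminate this line in place */
        if (!strncmp(buf, "DEVICE=", 7) && !out->dev)
            out->dev = dupstr(buf + 7);  /* copy, not an alias into b */
        else if (!strncmp(buf, "HWADDR=", 7) && !out->hwaddr)
            out->hwaddr = dupstr(buf + 7);
    }
    free(b);                             /* safe: out owns its strings */
    if (out->dev && out->hwaddr)
        return 0;
    netcfg_clear(out);                   /* incomplete or failed: hand back nothing */
    return -1;
}

/* Constructed sample input, not taken from the bug report. */
static const char SAMPLE[] = "DEVICE=eth0\nHWADDR=00:11:22:33:44:55\nONBOOT=yes\n";

int main(void)
{
    struct netcfg c;
    if (parse_ifcfg(SAMPLE, &c) == 0)
        printf("%s %s\n", c.dev, c.hwaddr);
    netcfg_clear(&c);
    return 0;
}
```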

Comment 1 Alex Kiernan 2004-04-01 04:39:57 UTC
Created attachment 99027
Fix dangling pointer problem

Comment 2 Bill Nottingham 2004-04-01 05:05:08 UTC
Thanks, will be fixed in 1.1.54-1.