Bug 119655 - Network naming code loses track of existing interfaces
Summary: Network naming code loses track of existing interfaces
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: kudzu
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Bill Nottingham
QA Contact: David Lawrence
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-04-01 04:38 UTC by Alex Kiernan
Modified: 2014-03-17 02:43 UTC (History)
1 user (show)

Fixed In Version: 1.1.54-1
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2004-04-01 05:05:08 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)
Fix dangling pointer problem (647 bytes, patch)
2004-04-01 04:39 UTC, Alex Kiernan
no flags Details | Diff

Description Alex Kiernan 2004-04-01 04:38:58 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)

Description of problem:
The scanning code for existing interfaces stores pointers into malloc
()ed memory which is freed prior to being used (crashes if using 
ElectricFence).

In kudzu.c:

  1079                  b = buf = bufFromFd(fd);
...
  1087                                  devname=buf+7;
...
  1097                  tmpdev->dev = devname;
...
  1104                  free(b);

tmpdev->dev is now dangling. Further down its used:

  1117                                  dev->device = strdup(tmpdev-
>dev);

If building with ElectricFence, this crashes, if not, new interfaces 
get created for existing ones.

Version-Release number of selected component (if applicable):
kudzu-1.1.53-1

How reproducible:
Always

Steps to Reproduce:
1.LD_PRELOAD=libefence.so.0.0 kudzu --probe
2.
3.
    

Additional info:

Problem probably doesn't manifest if the various ifcfg- files don't 
have DEVICE and HWADDR lines.

Comment 1 Alex Kiernan 2004-04-01 04:39:57 UTC
Created attachment 99027 [details]
Fix dangling pointer problem

Comment 2 Bill Nottingham 2004-04-01 05:05:08 UTC
Thanks, will be fixed in 1.1.54-1.


Note You need to log in before you can comment on or make changes to this bug.