Red Hat Bugzilla – Bug 532334
crash because of memory corruption
Last modified: 2010-01-07 10:24:00 EST
Created attachment 367019
Description of problem:
strace crashes for me because of memory corruption.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. strace -f -o log mkinitrd initrd-`uname -r`.img `uname -r`
Actual results:
Segmentation fault after some time
Expected results:
Correct tracing of mkinitrd
The attached patch fixes the problem.
string_quote() expects the size of 'outstr' to be at least size*4+3 (actually, as the code there is very sloppy, even this may not always hold). And size=max_strlen+1, but the buffer allocated is max_strlen*4+6, which is less than (max_strlen+1)*4+3 by one byte. All this code is very bad and unsafe. Who writes code like this? :)
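The arithmetic in the report above, as an added example that is not part of the original bug report and is not strace's code: a simplified quoting routine (hypothetical `quote_bounded`, assuming every input byte may expand to a four-character octal escape) that takes the output capacity explicitly, so the one-byte shortfall is rejected instead of being written past the buffer.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Worst case for `size` input bytes in this model: 4 output bytes per
 * input byte ("\ooo"), 2 quote characters, 1 NUL. This is the size*4+3
 * figure from the report. */
static size_t quote_worst_case(size_t size)
{
    return size * 4 + 3;
}

/* Simplified model of a quoting routine (NOT strace's string_quote()).
 * Returns bytes written including the NUL, or 0 if `out` is too small. */
static size_t quote_bounded(const unsigned char *in, size_t size,
                            char *out, size_t out_cap)
{
    size_t o = 0;

    if (out_cap < 3)
        return 0;
    out[o++] = '"';
    for (size_t i = 0; i < size; i++) {
        unsigned char c = in[i];
        size_t need = (c >= 0x20 && c < 0x7f && c != '"' && c != '\\') ? 1 : 4;
        if (o + need + 2 > out_cap)   /* keep room for closing quote + NUL */
            return 0;
        if (need == 1)
            out[o++] = (char)c;
        else
            o += (size_t)snprintf(out + o, 5, "\\%03o", (unsigned)c);
    }
    out[o++] = '"';
    out[o++] = '\0';
    return o;
}

/* Bytes missing from the allocation described in the report. */
static size_t alloc_shortfall(size_t max_strlen)
{
    size_t needed = quote_worst_case(max_strlen + 1);
    size_t allocated = max_strlen * 4 + 6;
    return needed > allocated ? needed - allocated : 0;
}

int main(void)
{
    printf("shortfall: %zu byte(s)\n", alloc_shortfall(32));
    return 0;
}
```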
Fixed in 4.5.19.