sysklogd packages for rhl7.3(7.x?) and rhl9 for memory overrun up for QA
Rok Papež
rok.papez at lugos.si
Sat May 1 09:57:43 UTC 2004
Hello Seth && Fedora Legacy.
Dne sobota 01 maj 2004 10:43 je seth vidal napisal(a):
> Sysklogd ackages for rhl7.3(7.x possibly) and rhl9 that correct a memory
> overrun in syslogd's crunchlist are up for QA.
>
> please check them and test them (and of course comment)
>
> https://bugzilla.fedora.us/show_bug.cgi?id=1553
QA testing report:
==============
1. SRPMS inspection: only a code patch was added, source files are owned by
user "skvidal", no other changes
2. Code inspection: PASS
3. SRPMS rebuild: PASS
3. RPM Upgrade: PASS
4. Functionality test: PASS
As far as I'm concerned, package is OK and can be pushed to repository.
1. SRPMS inspection details:
=====================
# rpm -qp sysklogd-1.4.1-13.legacy.9.src.rpm -l -v
-rw-rw-r-- 1 skvidal skvidal 91105 feb 7 2003
sysklogd-1.4.1rh.tar.gz
-rw-rw-r-- 1 skvidal skvidal 767 maj 1 10:07
sysklogd-crunchlist-count.patch
-rw-rw-r-- 1 skvidal skvidal 8792 maj 1 10:13 sysklogd.spec
# rpm -qp sysklogd-1.4.1-12.src.rpm -l -v
-rw-rw-r-- 1 root root 91105 feb 7 2003
sysklogd-1.4.1rh.tar.gz
-rw-rw-r-- 0 root root 8612 feb 7 2003 sysklogd.spec
This is not an issue...
2. Code inspection:
================
- the same patch was already published in FC2 bugzilla entry
diff -ur sysklogd-1.4.1rh.orig/syslogd.c sysklogd-1.4.1rh/syslogd.c
--- sysklogd-1.4.1rh.orig/syslogd.c 2001-08-15 13:16:05.000000000 -0400
+++ sysklogd-1.4.1rh/syslogd.c 2004-04-08 17:09:42.000000000 -0400
@@ -1266,12 +1266,10 @@
/* strip off trailing delimiters */
while (p[strlen(p)-1] == LIST_DELIMITER) {
- count--;
p[strlen(p)-1] = '\0';
}
/* cut off leading delimiters */
while (p[0] == LIST_DELIMITER) {
- count--;
p++;
}
==> count is leater assigned a value, "count--" has no effect. Obsolete code.
@@ -1279,7 +1277,7 @@
for (count=i=0; p[i]; i++)
if (p[i] == LIST_DELIMITER) count++;
- if ((result = (char **)malloc(sizeof(char *) * count+2)) == NULL) {
+ if ((result = (char **)malloc(sizeof(char *) * (count+2))) == NULL) {
printf ("Sorry, can't get enough memory, exiting.\n");
exit(0);
}
==> count+2 has to be in parantheses since multiplication has precedence over
summation. The allocated space needs to be for a (count+2) pointers to
characters, not for a (count) number of pointers + 2 bytes.
--
best regards,
Rok Papež
More information about the fedora-legacy-list
mailing list