gnunet-developers

[GNUnet-developers] [PATCH] namecache: fix NULL-pointer dereference in n


From: Daniel Golle
Subject: [GNUnet-developers] [PATCH] namecache: fix NULL-pointer dereference in namecache-flat
Date: Fri, 4 Dec 2015 22:11:19 +0100
User-agent: Mutt/1.5.24 (2015-08-30)

namecache-flat crashes if started on an empty or non-existent file.
gnunet-service-[2568]: segfault at 0 ip 00007fe32dc8bb3c sp 00007ffde11826f0 
error 4 in libgnunet_plugin_namecache_flat.so[7fe32dc8a000+202000]
gnunet-service-[2576]: segfault at 0 ip 00007f2a6be75b3c sp 00007ffdf9b6d880 
error 4 in libgnunet_plugin_namecache_flat.so[7f2a6be74000+202000]
gnunet-service-[2581]: segfault at 0 ip 00007ff1dcfb1b3c sp 00007fff834070f0 
error 4 in libgnunet_plugin_namecache_flat.so[7ff1dcfb0000+202000]

This fix at least prevents parsing a 0-byte file; however, looking at
the code, it is clear that more needs to be done to prevent crashes in
case of corrupted or incompletely written cache data.
Are you sure it's at all a good idea to implement parsers using
standard C string functions...? (what about bison and flex?)

Signed-off-by: Daniel Golle <address@hidden>
---
 src/namecache/plugin_namecache_flat.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/namecache/plugin_namecache_flat.c 
b/src/namecache/plugin_namecache_flat.c
index 409b058..85bb692 100644
--- a/src/namecache/plugin_namecache_flat.c
+++ b/src/namecache/plugin_namecache_flat.c
@@ -132,6 +132,9 @@ database_setup (struct Plugin *plugin)
     return GNUNET_SYSERR;
   }
 
+  if (0 == size)
+    return GNUNET_OK;
+
   buffer = GNUNET_malloc (size);
 
   if (GNUNET_SYSERR == GNUNET_DISK_file_read (fh,
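
Review bot: the early return added just before `buffer = GNUNET_malloc (size);` leaves database_setup while fh is still open. fh is passed to GNUNET_DISK_file_read immediately below, so the handle already exists at this point, and nothing in the new branch releases it. If the normal path closes fh once the read is done, the `0 == size` branch should close it as well before `return GNUNET_OK;`. A short comment stating that an empty file is treated as an empty cache would make the intent clear to the next reader. As the commit message itself says, this covers only the size 0 case, so a follow-up that validates non-empty but incomplete input is still needed.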
-- 
2.6.2



