[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: library/4603: <synopsis of the problem (one line)>



The following reply was made to PR library/4603; it has been noted by GNATS.

From: Otto Moerbeek <otto_(_at_)_drijf_(_dot_)_net>
To: Michael Shuldman <michaels-sendbug_(_at_)_inet_(_dot_)_no>
Cc: gnats_(_at_)_openbsd_(_dot_)_org, karls_(_at_)_inet_(_dot_)_no
Subject: Re: library/4603: <synopsis of the problem (one line)>
Date: Thu, 10 Nov 2005 09:25:39 +0100 (CET)

 On Mon, 7 Nov 2005, Michael Shuldman wrote:
 
 > >Number:         4603
 > >Category:       library
 > >Synopsis:       <synopsis of the problem (one line)>
 
 Hi,
 
 Next time pelase provide a synopsis ;-)
 
 I think this is slighly better. It uses size_t for sizes and makes use
 of calloc's int overflow detection.
 
 	-Otto
 
 Index: rfc931.c
 ===================================================================
 RCS file: /cvs/src/lib/libwrap/rfc931.c,v
 retrieving revision 1.9
 diff -u -p -r1.9 rfc931.c
 --- rfc931.c	19 Apr 2003 18:31:48 -0000	1.9
 +++ rfc931.c	10 Nov 2005 08:22:45 -0000
 @@ -85,6 +85,7 @@ rfc1413(rmt_sin, our_sin, dest, dsize, i
  	struct sigaction new_sa, old_sa;
  	char user[256];	 
  	char tbuf[1024];	 
 +	size_t rsize, wsize;
  	
  	gotit = 0;
  	s = -1;
 @@ -180,10 +181,13 @@ rfc1413(rmt_sin, our_sin, dest, dsize, i
  
  	/* We are connected,  build an ident query and send it. */ 
  	
 -	readfds = calloc(howmany(s+1, NFDBITS), sizeof(fd_mask));
 +	rsize = howmany(s+1, NFDBITS);
 +	readfds = calloc(rsize, sizeof(fd_mask));
  	if (readfds == NULL) 
  		goto out;
 -	writefds = calloc(howmany(s+1, NFDBITS), sizeof(fd_mask));
 +
 +	wsize = howmany(s+1, NFDBITS);
 +	writefds = calloc(wsize, sizeof(fd_mask));
  	if (writefds == NULL) 
  		goto out;
  	snprintf(tbuf, sizeof(tbuf), "%u,%u\r\n", ntohs(*rmt_portp),
 @@ -192,7 +196,7 @@ rfc1413(rmt_sin, our_sin, dest, dsize, i
  	while (i < strlen(tbuf)) { 
  		int j;
  
 -		FD_ZERO(writefds);
 +		memset(writefds, 0, wsize * sizeof(fd_mask));
  		FD_SET(s, writefds);
  		do { 
  			j = select(s + 1, NULL, writefds, NULL, NULL);
 @@ -219,7 +223,7 @@ rfc1413(rmt_sin, our_sin, dest, dsize, i
  	while ((cp = strchr(tbuf, '\n')) == NULL && i < sizeof(tbuf) - 1) {
  		int j;
  
 -		FD_ZERO(readfds);
 +		memset(readfds, 0, rsize * sizeof(fd_mask));
  		FD_SET(s, readfds);
  		do { 
  			j = select(s + 1, readfds, NULL, NULL, NULL);



Visit your host, monkey.org