[PATCH] 2.4 vsnprintf fix.

Rusty Russell (rusty@rustcorp.com.au)
Thu, 20 Sep 2001 21:29:05 +1000

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Christoph Hellwig: "Re: IBMs LVM?"
Previous message: Nicholas Knight: "Re: via82cxxx_audio locking problems"
Next in thread: Crutcher Dunnavant: "Re: [PATCH] 2.4 vsnprintf fix."
Reply: Crutcher Dunnavant: "Re: [PATCH] 2.4 vsnprintf fix."

Following patch fixes calling vsnprintf with (NULL, 0) to get the
length of the string. The problem is that the end ptr is set to
0xFFFFFFFF in this case, causing a write into address 0 as start <
end.

Cheers,
Rusty.

--
Premature optmztion is rt of all evl. --DK

--- working-pmac-module/lib/vsprintf.c.~1~	Mon Sep 17 08:53:56 2001
+++ working-pmac-module/lib/vsprintf.c	Thu Sep 20 21:26:05 2001
@@ -246,6 +246,8 @@
 				/* 'z' support added 23/7/1999 S.H.    */
 				/* 'z' changed to 'Z' --davidm 1/25/99 */
 
+	/* buf = NULL, size = 0 is common for getting length */
+	if (size == 0) buf = (void *)1;
 	str = buf;
 	end = buf + size - 1;
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Next message: Christoph Hellwig: "Re: IBMs LVM?"
Previous message: Nicholas Knight: "Re: via82cxxx_audio locking problems"
Next in thread: Crutcher Dunnavant: "Re: [PATCH] 2.4 vsnprintf fix."
Reply: Crutcher Dunnavant: "Re: [PATCH] 2.4 vsnprintf fix."