www.libssh2.org | Daily snapshots | Mailing list archive | Docs | Examples

Archive Index This month's Index

Subject: Re: [PATCH] knownhost_add: Avoid dereferencing uninitialized memory on error path.

Re: [PATCH] knownhost_add: Avoid dereferencing uninitialized memory on error path.

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Fri, 11 Nov 2011 21:53:34 +0100 (CET)

On Fri, 11 Nov 2011, Peter Krempa wrote:

> In function knownhost_add, memory is alocated for a new entry. If normal
> alocation is used, memory is not initialized to 0 right after, but a check
> is done to verify if correct key type is passed. This test is done BEFORE
> setting the memory to null, and on the error path function free_host() is
> called, that tries to dereference unititialized memory, resulting into a
> glibc abort().

Thanks a lot, applied!

-- 
  / daniel.haxx.se
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel

Received on 2011-11-11

This message: [ Message body ]
Next message: libssh2 Trac: "Re: [libssh2] #223: errors in multi threads applications"
Previous message: Peter Krempa: "[PATCH] knownhost_add: Avoid dereferencing uninitialized memory on error path."
In reply to: Peter Krempa: "[PATCH] knownhost_add: Avoid dereferencing uninitialized memory on error path."

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

the libssh2 team