[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Please unblock rlinetd/0.6-2



Hi,

The rlinetd 0.6-2 contains fix for a quite important unreported bug,
namely a segmentation fault which had occurred for some RPC services (like
rusersd) for which the getaddrinfo() function had returned two or more
addrinfos. Also, like other inet servers, the package will now provide
inet-supreserver & conflicts with other inet-superservers. Thus I'd 
like to ask you for approving the package for etch.


The changes of grammar.y are rather small, nevertheless they
may be difficult to understand. So below is some explanation of the
grammar.y code:

The most important fragments of the old version of grammar.y:

    ret = getaddrinfo(addr, port, &hints, &results); 	                 // line 1112
    ai = results; 					                                           // line 1122
    do {
  // check if current_service is a RPC service
      if(current_service->rpcnum) { 	                                 // line 1225
  	    struct numlist *vers = current_service->rpcvers;               // line 1226 (*)
       	do {
          pmap_set(current_service->rpcnum, vers->num, ....);          // line 1236
        } while((vers = vers->next));                                  // line 1243
  // save rpcvers into rlc_unrpc structure
       ((struct rlc_unrpc *)p->data)->vers = current_service->rpcvers; // line 1252
  // set it to NULL since the memory will be destroyed, when the object p is freed
       current_service->rpcvers = NULL; 				                       // line 1254 (**)
      }                                                                // line 1256
    } while((ai = ai->ai_next));                                       // line 1286           
  
  If getaddrinfo returns two addresses into the results variable, the will
  be two iterations of the main do-while loop. In the first iteration the
  current_service->rpcvers will be nulled in line marked (**), but in the
  second we will get segmentation fault in line (*) because vers pointer will 
  be set to NULL.

And the new version is:

    ret = getaddrinfo(addr, port, &hints, &results); 	                 // line 1112
    ai = results; 					                                           // line 1122
    do {
  // check if current_service is a RPC service
      if(current_service->rpcnum) { 	                                 // line 1225
  	    struct numlist *vers = current_service->rpcvers;               // line 1226 (*)
       	do {
          pmap_set(current_service->rpcnum, vers->num, ....);          // line 1236
        } while((vers = vers->next));                                  // line 1243
  // save rpcvers into rlc_unrpc structure, the numlist_copy will allocate memory,
  // which will be freed when the p object is freed
    numlist_copy(&(((struct rlc_unrpc *)p->data)->vers), current_service->rpcvers); // line 1252 (!)
  // set it to NULL since the memory will be destroyed, when rlc_unrpc is freed
      }                                                                // line 1256
    } while((ai = ai->ai_next));                                       // line 1284        
  // free the memory used by current_service->rpcvers
    numlist_free(current_service->rpcvers);                            // line 1295 (!)
    current_service->rpcvers = NULL;                                   // line 1296 (!)




rlinetd (0.6-2) unstable; urgency=low

  * grammar.y: fix segmentation fault on RPC services for which getaddrinfo()
    returns more then one addrinfo result.
  * Initial Portuguese debconf templates translation (closes: #383839).
  * debian/control: 
    + exclude GNU/kFreeBSD architectures from libcap-dev build depends 
      (closes: #375033).
    + provide inet-superserver, conflict with inet-superserver and netkit-inetd
    + add dependency on netbase for files like /etc/services or /etc/rpc
  * debian/init.d: Fix typo in the Short-Description tag name (lintian).

 -- Robert Luberda <robert@debian.org>  Tue,  2 Jan 2007 23:32:14 +0100


Best Regards,
robert

Attachment: signature.asc
Description: Digital signature


Reply to: