[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: "[FLSA-2005:2252] Updated iptables packages resolve security issues" introduces new bug

From: Michal Jaegermann <michal harddata com>
To: Discussion of the Fedora Legacy Project <fedora-legacy-list redhat com>
Subject: Re: "[FLSA-2005:2252] Updated iptables packages resolve security issues" introduces new bug
Date: Sun, 20 Feb 2005 10:26:40 -0700

On Sun, Feb 20, 2005 at 09:47:10AM +0200, Pekka Savola wrote:
> 
> The only change was to replace:
> +	ret = malloc(PROCFILE_BUFSIZ);
> with:
> +	ret = (char *) malloc(PROCFILE_BUFSIZ);
> 
> because that's how it's done in upstream CVS and Debian.

A context is missing but assuming that the source is mildly sane,
and a compiler does not have here a hair-raising bug, then the above
is a "null change". 'malloc()' is prototyped as 'void *malloc(size_t
size)' and an explicit cast to a 'ret' type, assuming that this
is a pointer, is then redundant.

> If that fixes it, Red Hat's FC3 fix that we used was broken..

If that makes any difference then there are serious issues with
a toolchain.

   Michal

References:
- "[FLSA-2005:2252] Updated iptables packages resolve security issues" introduces new bug
  - From: Bart Westra
- Re: "[FLSA-2005:2252] Updated iptables packages resolve security issues" introduces new bug
  - From: Marc Deslauriers
- Re: "[FLSA-2005:2252] Updated iptables packages resolve security issues" introduces new bug
  - From: Pekka Savola
- Re: "[FLSA-2005:2252] Updated iptables packages resolve security issues" introduces new bug
  - From: Bart Westra
- Re: "[FLSA-2005:2252] Updated iptables packages resolve security issues" introduces new bug
  - From: Pekka Savola
- Re: "[FLSA-2005:2252] Updated iptables packages resolve security issues" introduces new bug
  - From: Pekka Savola

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]