From mdg@secureworks.net  Wed Jun  2 12:52:02 2004
Return-Path: <mdg@secureworks.net>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2F1F516A4CE
	for <FreeBSD-gnats-submit@freebsd.org>; Wed,  2 Jun 2004 12:52:02 -0700 (PDT)
Received: from mail.secureworks.net (mail.secureworks.net [209.101.212.155])
	by mx1.FreeBSD.org (Postfix) with SMTP id 8401343D2F
	for <FreeBSD-gnats-submit@freebsd.org>; Wed,  2 Jun 2004 12:52:01 -0700 (PDT)
	(envelope-from mdg@secureworks.net)
Received: (qmail 58404 invoked from network); 2 Jun 2004 19:51:54 -0000
Received: from unknown (HELO HOST-192-168-8-243.internal.secureworks.net) (209.101.212.253)
  by mail.secureworks.net with SMTP; 2 Jun 2004 19:51:54 -0000
Message-Id: <20040602153253.B1067@localhost>
Date: Wed, 2 Jun 2004 15:52:00 -0400 (EDT)
From: Matthew George <mdg@secureworks.net>
To: FreeBSD-gnats-submit@freebsd.org
Subject: [PATCH] from Darwin: libc/net/nsap_addr.c buffer allocation

>Number:         67501
>Category:       bin
>Synopsis:       [PATCH] from Darwin: libc/net/nsap_addr.c buffer allocation
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Wed Jun 02 13:00:45 PDT 2004
>Closed-Date:    Fri Jun 18 15:18:04 GMT 2004
>Last-Modified:  Fri Jun 18 15:18:04 GMT 2004
>Originator:     Matthew George
>Release:        FreeBSD 5.2-CURRENT i386
>Organization:
SecureWorks
>Environment:
System: FreeBSD mdg.secureworks.net 5.2-CURRENT FreeBSD 5.2-CURRENT #2: Mon Mar 29 12:02:58 EST 2004 mdg@mdg.secureworks.net:/usr/obj/usr/src/sys/GENERIC i386


>Description:

this changes the function inet_nsap_ntoa() such that it will dynamically
allocate (and verify the allocation of) its temporary buffer, a pointer to
which is returned to the caller.  NULL is returned if malloc() fails.

This was taken from the Darwin libc package, in the net/FreeBSD directory.
The original BSD license has been retained.

>How-To-Repeat:
>Fix:

Index: lib/libc/net/nsap_addr.c
===================================================================
RCS file: /home/ncvs/src/lib/libc/net/nsap_addr.c,v
retrieving revision 1.9
diff -u -r1.9 nsap_addr.c
--- lib/libc/net/nsap_addr.c	22 Mar 2002 21:52:29 -0000	1.9
+++ lib/libc/net/nsap_addr.c	2 Jun 2004 19:32:09 -0000
@@ -26,6 +26,7 @@
 #include <arpa/nameser.h>
 #include <ctype.h>
 #include <resolv.h>
+#include <stdlib.h>

 static char
 xtob(c)
@@ -78,9 +79,14 @@
 {
 	int nib;
 	int i;
-	static char tmpbuf[255*3];
+	static char *tmpbuf = NULL;
 	char *start;

+	if (tmpbuf == NULL) {
+		tmpbuf = malloc(255*3);
+		if (tmpbuf == NULL)
+			return NULL;
+	}
 	if (ascii)
 		start = ascii;
 	else {


-- 
Matthew George
SecureWorks Technical Operations

>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->feedback 
State-Changed-By: bms 
State-Changed-When: Wed Jun 16 00:05:05 GMT 2004 
State-Changed-Why:  
This patch appears to introduce a blatant memory leak. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=67501 
State-Changed-From-To: feedback->closed 
State-Changed-By: bms 
State-Changed-When: Fri Jun 18 15:17:49 GMT 2004 
State-Changed-Why:  
Closed at submitter's request 

http://www.freebsd.org/cgi/query-pr.cgi?pr=67501 
>Unformatted:
