[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ntp-bugs
Subject:    [ntp:bugs] [Bug 3580] New: Possible bug ntpq-subs (NULL dereference in dogetassoc)
From:       bugzilla-daemon () ntp ! org
Date:       2019-04-08 5:26:05
Message-ID: bug-3580-1197 () http ! bugs ! ntp ! org/
[Download RAW message or body]

https://bugs.ntp.org/show_bug.cgi?id=3580

             Bug #: 3580
           Summary: Possible bug ntpq-subs (NULL dereference in
                    dogetassoc)
           Product: ntp
           Version: 4.2.8
          Platform: All
        OS/Version: All
            Status: CONFIRMED
          Severity: normal
          Priority: P5
         Component: ntpq
        AssignedTo: stenn@ntp.org
        ReportedBy: perlinger@ntp.org
                CC: bugs@ntp.org
    Classification: Unclassified


From Paulo Neves:

"""
Contrary to common behavior in ntpq-subs,
the dogetassoc functon prints to a passed
FILE pointer. The problem is that there is
code in ntpq_dogetassoc that calls dogetassoc
with NULL as the FILE* argument. This leads to
undefined behavior and NULL pointer references
in some cases.

This commit sets dogetassoc's fprintf FILE to
stderr.
"""

I think we should resort to stderr only if the provided FILE pointer is NULL,
but apart from that, good catch.

-- 
Configure bugmail: https://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
_______________________________________________
bugs-announce mailing list
bugs-announce@lists.ntp.org
http://lists.ntp.org/listinfo/bugs-announce
[prev in list] [next in list] [prev in thread] [next in thread]