[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ntp-hackers
Subject:    [ntp:hackers] [PATCH v1] Possible bug ntpq-subs
From:       Paulo Neves <ptsneves () gmail ! com>
Date:       2019-03-20 7:27:05
Message-ID: CAJO0J4jtgORLhXQ1Q_xQ1Z4g++OEqew+OYqbAowhn4Jg4vTb1g () mail ! gmail ! com
[Download RAW message or body]

Hello NTP hackers I recently had a null pointer deference on an error
printing. Could you check if this patch is acceptable?

Also I cannot create an account in bugzilla to open the bug there. Are
you guys aware of this?

From 2d5c415d94bf468d60f582c75530dd8706cd2f22 Mon Sep 17 00:00:00 2001
From: Paulo Neves <paulo.neves@nokia.com>
Date: Tue, 19 Mar 2019 16:09:35 +0100
Subject: [PATCH 1/1] ntpq-subs: fprintf to stderr instead of potential NULL
 ptr

Contrary to common behavior in ntpq-subs,
the dogetassoc functon prints to a passed
FILE pointer. The problem is that there is
code in ntpq_dogetassoc that calls dogetassoc
with NULL as the FILE* argument. This leads to
undefined behavior and NULL pointer references
in some cases.

This commit sets dogetassoc's fprintf FILE to
stderr.

Signed-off-by: Paulo Neves <paulo.neves@nokia.com>
---
 ntpq/ntpq-subs.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ntpq/ntpq-subs.c b/ntpq/ntpq-subs.c
index 8495e20..d9a6985 100644
--- a/ntpq/ntpq-subs.c
+++ b/ntpq/ntpq-subs.c
@@ -1084,8 +1084,8 @@ dogetassoc(

     if (dsize == 0) {
         if (numhosts > 1)
-            fprintf(fp, "server=%s ", currenthost);
-        fprintf(fp, "No association ID's returned\n");
+            fprintf(stderr, "server=%s ", currenthost);
+        fprintf(stderr, "No association ID's returned\n");
         return 0;
     }

-- 
2.6.2
_______________________________________________
hackers mailing list
hackers@lists.ntp.org
http://lists.ntp.org/listinfo/hackers
[prev in list] [next in list] [prev in thread] [next in thread]