Ticket History #3825: krb5int_get_plugin_dir_data() uses + instead of * in realloc

# Wed May 31 20:56:18 2006 epeisach (Ezra Peisach) - Ticket created

From:	epeisach@mit.edu
Subject:	CVS Commit

Download (untitled) / with headers
text/plain 295B

In line 570, in reallocating the plugin tree - the memory allocated is
(count + 1) + sizeof(*p)

instead of

(count +1 ) * sizeof(*p)

Detected while running the krb5kdc under valgrind with memcheck.

Commit By: epeisach

Revision: 18070
Changed Files:
U trunk/src/util/support/plugins.c

# Wed May 31 20:56:21 2006 epeisach (Ezra Peisach) - Tags pullup added

# Wed May 31 20:56:22 2006 epeisach (Ezra Peisach) - Status changed from 'new' to 'resolved'

# Wed May 31 20:56:23 2006 epeisach (Ezra Peisach) - Requestor epeisach (Ezra Peisach) added

# Wed May 31 21:12:32 2006 wfiveash (Will Fiveash) - Correspondence added

Date:	Wed, 31 May 2006 20:12:23 -0500
From:	Will Fiveash <William.Fiveash@sun.com>
To:	rt@krbdev.mit.edu
Subject:	Re: [krbdev.mit.edu #3825] CVS Commit
RT-Send-Cc:

Download (untitled) / with headers
text/plain 810B

I still see in plugins.c:

$ grep 'count.* + sizeof' src/util/support/plugins.c
newp = realloc (p, ((count + 1) + sizeof (*p))); /* +1 for NULL */

Isn't this a problem also?

On Wed, May 31, 2006 at 08:56:21PM -0400, Ezra Peisach via RT wrote:

Show quoted text

> In line 570, in reallocating the plugin tree - the memory allocated is
> (count + 1) + sizeof(*p)
>
> instead of
>
> (count +1 ) * sizeof(*p)
>
> Detected while running the krb5kdc under valgrind with memcheck.
>
>
> Commit By: epeisach
>
>
>
> Revision: 18070
> Changed Files:
> U trunk/src/util/support/plugins.c
>
> _______________________________________________
> krb5-bugs mailing list
> krb5-bugs@mit.edu
> https://mailman.mit.edu/mailman/listinfo/krb5-bugs

--
Will Fiveash
Sun Microsystems Inc.
Austin, TX, USA (TZ=CST6CDT)

# Wed May 31 21:41:40 2006 epeisach (Ezra Peisach) - Correspondence added

From:	epeisach@mit.edu
Subject:	CVS Commit

Download (untitled) / with headers
text/plain 174B

Missed a reference to + sizeof() vs * sizeof(). Pointed out by
william fiveash.

Commit By: epeisach

Revision: 18071
Changed Files:
U trunk/src/util/support/plugins.c

# Wed May 31 21:42:50 2006 epeisach (Ezra Peisach) - Comments added

Date:	Wed, 31 May 2006 21:42:44 -0400 (EDT)
From:	Ezra Peisach <epeisach@MIT.EDU>
To:	"william.fiveash@sun.com via RT" <rt-comment@krbdev.mit.edu>
Subject:	Re: [krbdev.mit.edu #3825] CVS Commit
RT-Send-Cc:

Download (untitled) / with headers
text/plain 194B

You are correct - I missed that point in the code... I fixed the one found
by valgrind - but failed to check the rest of the code for pitfalls.

Thanks - it is fixed now in the tree...

Ezra

# Mon Jun 19 21:33:46 2006 tlyu (Taylor Yu) - Version_Fixed 1.5 added

# Fri Jun 30 01:33:11 2006 tlyu (Taylor Yu) - Component krb5-libs added

# Wed Dec 16 18:02:46 2015 tlyu (Taylor Yu) - CustomField pullup deleted