Re: buffer overflow in ip

Linux Advanced Routing and Traffic Control


This patch fixes the problem

--- iproute2-ss050901/ip/iproute.c~	2005-09-01 14:21:50.000000000 -0500
+++ iproute2-ss050901/ip/iproute.c	2005-10-06 21:30:36.000000000 -0500
@@ -216,13 +216,13 @@ int print_route(const struct sockaddr_nl
 		memset(&via, 0, sizeof(via));
 		via.family = r->rtm_family;
 		if (tb[RTA_GATEWAY])
-			memcpy(&via.data, RTA_DATA(tb[RTA_GATEWAY]), host_len);
+			memcpy(&via.data, RTA_DATA(tb[RTA_GATEWAY]), host_len/8);
 	}
 	if (filter.rprefsrc.bitlen>0) {
 		memset(&prefsrc, 0, sizeof(prefsrc));
 		prefsrc.family = r->rtm_family;
 		if (tb[RTA_PREFSRC])
-			memcpy(&prefsrc.data, RTA_DATA(tb[RTA_PREFSRC]), host_len);
+			memcpy(&prefsrc.data, RTA_DATA(tb[RTA_PREFSRC]), host_len/8);
 	}
 
 	if (filter.rdst.family && inet_addr_match(&dst, &filter.rdst, filter.rdst.bitlen))
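Review bot: both memcpy() calls still take their length from host_len alone; neither compares it with the bytes the attribute actually carries or with the size of the destination field. Dividing by 8 fixes the unit, but a guard such as checking host_len/8 against RTA_PAYLOAD(tb[RTA_GATEWAY]) and sizeof(via.data) (and the same for tb[RTA_PREFSRC] and prefsrc.data) would keep a short or malformed attribute from causing an over-read or overflow. Computing the byte length once into a local and using it at both sites would also avoid repeating the /8 conversion.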



host_len should be divided by 8, as its units are bits, whereas memcpy uses
byte units.


On Thu, 2005-10-06 at 15:37 +0200, Radek Vokál wrote:
> This comes from iproute-ss050901, rebuilt on FC4 with -fortify-source
> option. Seems like ip has a buffer overflow which sometimes causes a
> segfault.. 
> 
> will try to look at it tmrw, so far here's my gdb output. 

-- 
Radek Vokál <rvokal@xxxxxxxxxx>
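
The bit/byte mismatch discussed in this thread, as an added example that is not part of the original messages or of iproute2: a copy helper that converts a bit length to bytes and refuses lengths that exceed either the destination or the source payload. The struct addr_buf layout and the names copy_addr_bits and payload_len are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical destination: room for one IPv6 address (16 bytes).
 * This layout is an assumption, not iproute2's own structure. */
struct addr_buf {
    uint8_t family;
    uint8_t data[16];
};

/* Copy an address whose length is given in BITS (as host_len is).
 * payload_len is the number of bytes actually present at src.
 * Returns the number of bytes copied, or -1 if the copy is unsafe. */
int copy_addr_bits(struct addr_buf *dst, const void *src,
                   size_t payload_len, unsigned int bitlen)
{
    size_t nbytes = ((size_t)bitlen + 7) / 8;  /* bits -> bytes, rounded up */

    if (nbytes > sizeof(dst->data))    /* would overflow the destination */
        return -1;
    if (nbytes > payload_len)          /* would read past the source */
        return -1;

    memset(dst->data, 0, sizeof(dst->data));
    memcpy(dst->data, src, nbytes);
    return (int)nbytes;
}

int main(void)
{
    /* Constructed sample input: an IPv4 address from a documentation range. */
    const uint8_t v4[4] = { 192, 0, 2, 1 };
    struct addr_buf via = { 0 };

    /* Passing the bit count (32) straight to memcpy would request 32 bytes
     * for a 16-byte field; converted to bytes it is 4. */
    printf("bitlen 32 as bytes: %d\n", copy_addr_bits(&via, v4, sizeof(v4), 32));

    /* A 128-bit request against a 4-byte payload is rejected. */
    printf("bitlen 128, 4-byte payload: %d\n",
           copy_addr_bits(&via, v4, sizeof(v4), 128));
    return 0;
}
```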


_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
