Hello list.

I stumbled over segfaults in setpci when trying to set PCI registers. The specific call was

    setpci -v -d : latency_timer=b0

The parse_op() function dereferences a pointer, which is returned by parse_x32() and which could be NULL, twice (the first time when trying to check whether it's NULL... just an '*' too much ;)

I reported this bug to the author as supposed in README, but since nothing happened in .git and I didn't get a reply, I'm trying here again.

»Patch« (word way too big for this snippet) is appended.

HAND & LG
-- aw

np: The Frames (Breadcrumb Trail) -- 11. Look Back Now
--
I prefer to quote Angela Merkel verbatim. I have not yet found a better way to insult this woman. -- Volker Pispers
--- a/setpci.c +++ b/setpci.c @@ -630,13 +630,13 @@ e = strchr(value, ','); if (e) *e++ = 0; - if (parse_x32(value, &f, &ll) < 0 || *f && *f != ':') + if (parse_x32(value, &f, &ll) < 0 || f && *f != ':') parse_err("Invalid value \"%s\"", value); lim = max_values[op->width]; if (ll > lim && ll < ~0UL - lim) parse_err("Value \"%s\" is out of range", value); op->values[j].value = ll; - if (*f == ':') + if (f && *f == ':') { if (parse_x32(f+1, NULL, &ll) <= 0) parse_err("Invalid mask \"%s\"", f+1);
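Review bot: In the first changed condition, `f && *f != ':'` drops the old `*f` non-empty test, so a non-NULL f that points at the terminating NUL would now reach parse_err("Invalid value ...") where the old code accepted it. Unless parse_x32() is guaranteed to leave f either NULL or pointing at a non-NUL character (not visible in this hunk), write `f && *f && *f != ':'` so the NULL guard is added without changing which inputs are accepted. The second change, `f && *f == ':'`, is fine as it stands. A short comment at the call site noting that parse_x32() may set f to NULL would help the next reader.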