Try again.

--Daniel

------- it bounced, they may not have it yet -------

To: libsmi-owner@ibr.cs.tu-bs.de Subject: libsmi-owner@ibr.cs.tu-bs.de: bug in smilint From: "Mark D. Baushke" mdb@juniper.net X-Phone: +1 408 745-2952 (Office) X-Mailer: MH-E 7.82+cvs; nmh 1.0.4; GNU Emacs 21.1.1 Date: Fri, 24 Sep 2004 17:27:10 -0700 Sender: mdb@juniper.net

This is a bug report. Do with it as you will.

-- Mark

------- Forwarded Message

Subject: bug in smilint From: libsmi-owner@ibr.cs.tu-bs.de To: mdb@juniper.net Date: Sat, 25 Sep 2004 02:21:54 +0200 X-List-Administrivia: yes Sender: libsmi-bounces@ibr.cs.tu-bs.de

• --===============0476241629==

Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit

You are not allowed to post to this mailing list, and your message has been automatically rejected. If you think that your messages are being rejected in error, contact the mailing list owner at libsmi-owner@ibr.cs.tu-bs.de.

• --===============0476241629==

Content-Type: message/rfc822 MIME-Version: 1.0

Received: from colo-dns-ext2.juniper.net (colo-dns-ext2.juniper.net [207.17.137.64]) by agitator.ibr.cs.tu-bs.de (8.12.3/8.12.3/Debian-6.6) with ESMTP id i8P0Lq4H023141 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for libsmi@ibr.cs.tu-bs.de; Sat, 25 Sep 2004 02:21:53 +0200 Received: from merlot.juniper.net (merlot.juniper.net [172.17.27.10]) by colo-dns-ext2.juniper.net (8.12.3/8.12.3) with ESMTP id i8P0LpBm048334 for libsmi@ibr.cs.tu-bs.de; Fri, 24 Sep 2004 17:21:51 -0700 (PDT) (envelope-from mdb@juniper.net) Received: from juniper.net (garnet.juniper.net [172.17.28.17]) by merlot.juniper.net (8.11.3/8.11.3) with ESMTP id i8P0Lje35495; Fri, 24 Sep 2004 17:21:45 -0700 (PDT) (envelope-from mdb@juniper.net) To: libsmi@ibr.cs.tu-bs.de From: "Mark D. Baushke" mdb@juniper.net Subject: bug in smilint X-Phone: +1 408 745-2952 (Work) X-Mailer: MH-E 7.82+cvs; nmh 1.0.4; GNU Emacs 21.1.1 X-Face: #8D_6URD2G%vC.hzU<dI&#Y9szHj$'mGtUq&d=rXy^L$-=G_-LmZ^5!Fszk:yXZp$k\nTF? 8Up0!v/%1Q[(d?ES0mQW8dRCXi18gK)luJu)loHk, }4{Vi`yX?p?crF5o:LL{6#eiO:(E:YMxLXULB k|'a*EjN.B&L+[J!PhJ*aX0n:5/ Date: Fri, 24 Sep 2004 17:21:45 -0700 Message-ID: 29947.1096071705@juniper.net Sender: mdb@juniper.net X-IBRFilter-SpamReport: 1.657 (*) BAYES_80 X-Scanned-By: MIMEDefang 2.24 (www . roaringpenguin . com / mimedefang)

While using smilint, we encountered a core dump on libsmi-0.4.2. Here is the backtrace:

The core dump occurs with the following backtrace: #0 0x8048d88 in display_one (f=0x804bd80, error=0x8053890) at ../../tools/smilint.c:134 #1 0x8048ee7 in display_used (errors=0x8052000) at ../../tools/smilint.c:174 #2 0x804923d in main (argc=42, argv=0xbfbfedbc) at ../../tools/smilint.c:317 #3 0x8048b21 in _start ()

The problem is also present in the latest release of smilint and in the subversion sources as well.

Properly initializing the 'Error * errors;' structure with zero allows the right thing to happen rather than running off the end of the list.

A patch against the latest Subversion revision of the file is included after my .signature.

-- Mark

Index: smilint.c

• --- smilint.c (revision 1852)

+++ smilint.c (working copy) @@ -8,7 +8,7 @@

• See the file "COPYING" for information on usage and redistribution
• of this file, and for a DISCLAIMER OF ALL WARRANTIES.

• • • @(#) $Id: smilint.c,v 1.46 2004/08/10 10:58:12 strauss Exp $

• • @(#) $Id$
  */

#include <config.h> @@ -109,7 +109,7 @@ fprintf(stderr, "smilint: malloc failed - running out of memory\n"); exit(1); }

• • memset(errors, 0, cnt * sizeof(Error));

• memset(errors, 0, (cnt + 1) * sizeof(Error));

  for (i = 0; i < cnt; i++) { errors[i].id = i;

• --===============0476241629==--