From owner-freebsd-audit  Mon Jul  2 22:18:15 2001
Delivered-To: freebsd-audit@freebsd.org
Received: from mail.rpi.edu (mail.rpi.edu [128.113.22.40])
	by hub.freebsd.org (Postfix) with ESMTP id 0C4A337B406
	for <freebsd-audit@FreeBSD.org>; Mon,  2 Jul 2001 22:18:13 -0700 (PDT)
	(envelope-from drosih@rpi.edu)
Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47])
	by mail.rpi.edu (8.11.3/8.11.3) with ESMTP id f635IBY78340;
	Tue, 3 Jul 2001 01:18:11 -0400
Mime-Version: 1.0
X-Sender: drosih@mail.rpi.edu
Message-Id: <p0510100db7670146e46d@[128.113.24.47]>
In-Reply-To: <p0510100db760298f4bb4@[128.113.24.47]>
References: <p0510100db760298f4bb4@[128.113.24.47]>
Date: Tue, 3 Jul 2001 01:18:08 -0400
To: freebsd-print@bostonradio.org
From: Garance A Drosihn <drosih@rpi.edu>
Subject: Re: Initial ctlinfo, for checking incoming jobs to lpd
Cc: freebsd-audit@FreeBSD.org
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
Sender: owner-freebsd-audit@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-audit.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-audit>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-audit>
X-Loop: FreeBSD.ORG

At 8:49 PM -0400 6/27/01, Garance A Drosihn wrote:
>The following patch would add a new source file to lpr/common_source,
>called ctlinfo.c.  While I have several plans for ctlinfo.c, this 
>first cut just replaces calls to link & unlink in lpd/recvjob.c
>with a call to a new routine which does a whole bunch of work.

For those playing at home, the patch also includes a subtle but
probably dangerous bug.  (it does happen to work fine, until
you try to print debugging messages on some other platforms...).
Down where I have:

>+	sroom = roundup(sizeof(struct cjprivate), 8);
>+	sroom2 = sroom + strlen(cfname) + 1;
>+	sroom2 = roundup(sroom2, 8);
>+	msize = sroom2 + CTI_LINEMAX;
>+	msize = roundup(msize, 8);
>+	cpriv = (struct cjprivate *)malloc(msize);
>+	if (cpriv == NULL)
>+		return NULL;
>+	memset(cpriv, 0, msize);
>+
>+	cpriv->pub.cji_fname = (char *)(cpriv + sroom);
>+	strcpy(cpriv->pub.cji_fname, cfname);
>+	cpriv->cji_buff = (char *)(cpriv + sroom2);
>+	cpriv->cji_eobuff = (char *)(cpriv + msize - 1);

The three lines where I add offsets to cpriv are wrong.
They should be:

+	cpriv->pub.cji_fname = (char *)cpriv + sroom;
+	strcpy(cpriv->pub.cji_fname, cfname);
+	cpriv->cji_buff = (char *)cpriv + sroom2;
+	cpriv->cji_eobuff = (char *)cpriv + msize - 1;

I haven't refreshed the patch-files that I posted earlier,
as I'm still in the middle of testing.  But I thought I
would mention this in case anyone else was running the
patch.  [reminder: this patch has not been committed to
anywhere yet, so no need to panic...]

-- 
Garance Alistair Drosehn            =   gad@eclipse.acs.rpi.edu
Senior Systems Programmer           or  gad@freebsd.org
Rensselaer Polytechnic Institute    or  drosih@rpi.edu

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message