Date: Tue, 3 Dec 1996 12:38:28 GMT From: luigi@iet.unipi.it To: FreeBSD-gnats-submit@freebsd.org Subject: kern/2141: missing bzero in ed_attach_NE2000_pci Message-ID: <199612031238.MAA00349@eco.ing.unipi.it> Resent-Message-ID: <199612031150.DAA04738@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 2141
>Category: kern
>Synopsis: missing bzero in ed_attach_NE2000_pci causes panic
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Dec 3 03:50:02 PST 1996
>Last-Modified:
>Originator: Luigi Rizzo
>Organization:
DEIT
>Release: FreeBSD 2.2-961014-SNAP i386
>Environment:
ne2000 pci
>Description:
function ed_attach_NE2000_pci() in if_ed.c passes
an uninitialized block of memory (got with malloc())
to ed_attach. This prevents a proper initialization
of the device descriptor and in my case causes a panic
during the probe, while printing out device info.
>How-To-Repeat:
boot...
>Fix:
Very simple: stefan Esser might take care of it ?
--- if_ed.c.orig Fri Oct 11 15:19:23 1996
+++ if_ed.c Tue Dec 3 12:32:18 1996
@@ -1854,6 +1854,7 @@
if (!sc)
return sc;
+ bzero(sc, sizeof *sc);
if (ed_probe_Novell_generic(sc, port, unit, isa_flags) == 0
|| ed_attach(sc, unit, isa_flags) == 0) {
free(sc, M_DEVBUF);
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199612031238.MAA00349>