From owner-freebsd-current  Sat Oct 26 18:14:19 2002
Date: Sat, 26 Oct 2002 18:14:18 -0700
From: Juli Mallett <jmallett@FreeBSD.org>
To: current@FreeBSD.org
Subject: [PATCH] disklabel(8) loves to deref NULL with an invalid line.
Message-ID: <20021026181417.A71979@FreeBSD.org>

If you delete from fstype on in a disklabel line and have it try to write
it, its internal parsing routines go boom.  I've fixed it locally, and
would like to commit my delta.

%%%
Index: disklabel.c
===================================================================
RCS file: /home/ncvs/src/sbin/disklabel/disklabel.c,v
retrieving revision 1.62
diff -b -d -w -u -r1.62 disklabel.c
--- disklabel.c	8 Oct 2002 12:13:19 -0000	1.62
+++ disklabel.c	27 Oct 2002 01:11:18 -0000
@@ -921,6 +921,9 @@
 {
 	char c;
 
+	if (cp == NULL) {
+		return (NULL);
+	}
 	while (*cp != '\0' && !isspace(*cp) && *cp != '#')
 		cp++;
 	if ((c = *cp) != '\0') {
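
Review bot: The new `if (cp == NULL)` guard at the top of word() turns a crash into a silent NULL return, so the error is not reported where it is detected and every caller that chains `cp = tp, tp = word(cp)` now has to check `cp` itself before using it. Please add a comment above word() stating that it accepts NULL and returns NULL for it, so the callers' obligation is documented. Style point: the braces around the single `return (NULL);` can be dropped to match the surrounding code.
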
@@ -1233,9 +1236,14 @@
 	}
 	pp->p_offset = v;
 	cp = tp, tp = word(cp);
-	for (cpp = fstypenames; cpp < &fstypenames[FSMAXTYPES]; cpp++)
+	for (cpp = fstypenames; cpp < &fstypenames[FSMAXTYPES]; cpp++) {
+		if (cp == NULL) {
+			fprintf(stderr, "line %d: invalid entry\n", lineno);
+			return (1);
+		}
 		if (*cpp && streq(*cpp, cp))
 			break;
+	}
 	if (*cpp != NULL) {
 		pp->p_fstype = cpp - fstypenames;
 	} else {
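
Review bot: The `if (cp == NULL)` test is placed inside the `for` loop over `fstypenames`, but `cp` does not change between iterations, so the check belongs once, directly after `cp = tp, tp = word(cp);` and before the loop. Hoisting it also lets the loop keep its original single-statement body without the added braces, and it guarantees the check runs regardless of the loop bounds. The message "line %d: invalid entry" could name what is missing (the file system type field) so the user knows which part of the line to fix.
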
%%%

juli.
-- 
Juli Mallett <jmallett@FreeBSD.org>       | FreeBSD: The Power To Serve
Will break world for fulltime employment. | finger jmallett@FreeBSD.org
http://people.FreeBSD.org/~jmallett/      | Support my FreeBSD hacking!
