Date: Tue, 19 Nov 1996 19:44:06 -0800 (PST) From: Don Lewis <Don.Lewis@tsc.tdk.com> To: FreeBSD-gnats-submit@freebsd.org Subject: bin/2067: dereference of uninitialized variable in tickadj Message-ID: <199611200344.TAA00952@w3.gv.tsc.tdk.com> Resent-Message-ID: <199611200350.TAA00442@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 2067
>Category: bin
>Synopsis: An unitialized pointer is dereferenced in tickadj
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Nov 19 19:50:03 PST 1996
>Last-Modified:
>Originator: Don Lewis
>Organization:
TDK Semiconductor Corp.
>Release: FreeBSD 2.1.5-STABLE i386
>Environment:
The bug is present in 2.1.5-STABLE through post 2.2 -current
>Description:
The getoffsets() routine in tickadj dereferences the pointer
"kname" without initializing it.
>How-To-Repeat:
run tickadj
>Fix:
*** usr.sbin/xntpd/util/ORIGtickadj.c Sun Nov 10 19:32:50 1996
--- usr.sbin/xntpd/util/tickadj.c Tue Nov 19 19:33:11 1996
***************
*** 339,345 ****
unsigned long *dosync_off;
unsigned long *noprintf_off;
{
! char **kname;
#if defined(SYS_AUX3) || defined(SYS_AUX2)
#define X_TICKADJ 0
--- 339,345 ----
unsigned long *dosync_off;
unsigned long *noprintf_off;
{
! char **kname, *knm;
#if defined(SYS_AUX3) || defined(SYS_AUX2)
#define X_TICKADJ 0
***************
*** 445,450 ****
--- 445,451 ----
struct stat stbuf;
#ifdef HAVE_GETBOOTFILE
+ kname = &knm;
*kname = getbootfile();
if (stat(*kname, &stbuf) == -1 || nlist(*kname, nl) == -1)
*kname = NULL;
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199611200344.TAA00952>