The Samba-Bugzilla – Attachment 13161 Details for
Bug 12748
use of wrong buffer in cleanupdb_store_child() leads to stack overread
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch with fix
samba-cleanupdb_store_child-wrong-variable.diff (text/plain), 613 bytes, created by
Hanno Böck
on 2017-04-19 09:00:40 UTC
(
hide
)
Description:
patch with fix
Filename:
MIME Type:
Creator:
Hanno Böck
Created:
2017-04-19 09:00:40 UTC
Size:
613 bytes
patch
obsolete
>diff -Naurp a/source3/lib/cleanupdb.c b/source3/lib/cleanupdb.c >--- a/source3/lib/cleanupdb.c 2017-01-11 08:55:15.000000000 +0100 >+++ b/source3/lib/cleanupdb.c 2017-04-18 22:38:30.860335247 +0200 >@@ -61,7 +61,7 @@ bool cleanupdb_store_child(const pid_t p > struct cleanup_key key = { .pid = pid }; > struct cleanup_rec rec = { .pid = pid, .unclean = unclean }; > TDB_DATA tdbkey = { .dptr = (uint8_t *)&key, .dsize = sizeof(key) }; >- TDB_DATA tdbdata = { .dptr = (uint8_t *)&key, .dsize = sizeof(rec) }; >+ TDB_DATA tdbdata = { .dptr = (uint8_t *)&rec, .dsize = sizeof(rec) }; > int result; > > db = cleanup_db();
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=13161">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 12748
: 13161 |
13162
|
13163
|
13164