[hobbit] segfault in hobbit-enadis.cgi in xymon-4.3.0-beta1

Henrik =?unknown-8bit?Q?St=C3=B8rner?= henrik at hswn.dk
Thu Feb 26 11:16:19 CET 2009


On Tue, Feb 24, 2009 at 07:09:22PM +0100, Frank Gruellich wrote:
> Hi,
>
> we tried to install xymon-4.3.0-beta1 today and it disabled the
> Enable/Disable page for some reason.  Further investigations showed,
> that hobbit-enadis.cgi segfaults everytimes

I think this patch will also take care of the underlying cause
for this: http://www.xymon.com/hobbiton/2009/02/msg00140.html


> And now comes the "When I'm grown up I'll be a coder!" part.  I just
> see, that respstr is initialized with NULL and given to sendtobbd() by
> reference, but I can't figure out if it's modified (set to a valid
> value) within this function.  So the brave patch I can only give is:
>
> [rpmbuilder at fighter xymon-4.3.0-beta1]$ diff -u lib/strfunc.c.orig lib/strfunc.c
> --- lib/strfunc.c.orig  2009-02-24 18:23:06.000000000 +0100
> +++ lib/strfunc.c       2009-02-24 18:24:21.000000000 +0100
> @@ -118,7 +118,7 @@
>
>  void addtobuffer(strbuffer_t *buf, char *newtext)
>  {
> -	strbuf_addtobuffer(buf, newtext, strlen(newtext));
> +	if (newtext) strbuf_addtobuffer(buf, newtext, strlen(newtext));
>  }
>
>  void addtostrbuffer(strbuffer_t *buf, strbuffer_t *newtext)
> [rpmbuilder at fighter xymon-4.3.0-beta1]$
>
> Basically this can't be wrong because calling strlen with NULL is
> probably a bad idea.


You're right, it cannot be wrong :-) For the current bug it is a
working band-aid, although it doesn't solve the real issue. But
it is a sensible thing to do nonetheless. I've added it to my
sourcetree:

$ svn commit -m "strbuffer_addtobuffer: Dont try to do strlen() if passed an empty string. From Frank Gruellich" lib/strfunc.c
Sending        lib/strfunc.c
Transmitting file data .
Committed revision 6165.

(So I guess you're now a coding adolescent :-))


Regards,
Henrik




More information about the Xymon mailing list