aide / Bugs / #9 crash in db_input

#9 crash in db_input_wrapper (gzip)

Status: closed-accepted

Owner: Mike Markley

Labels: None

Priority: 5

Updated: 2003-11-25

Created: 2003-11-25

Creator: matt kettler

Private: No

when doing an aide -C on openbsd 3.4, aide segfaults
unless configured --without-gzip.

using gdb on the corefile, I can see the crash is in
db_input_wrapper.

(gdb) bt
#0 0x1c02e87a in gzread ()
#1 0x1c02ea8b in gzgetc ()
#2 0x1c006d5d in db_input_wrapper ()
#3 0x1c00b6dd in yy_get_next_buffer ()
#4 0x1c00b3ba in db_scan ()
#5 0x1c00922d in db_readline_file ()
#6 0x1c0052ea in db_readline ()
#7 0x1c00e2a1 in populate_tree ()
#8 0x1c0131e4 in main ()
#9 0x1c000221 in ___start ()

This crash results from incomplete initialization of
the db_config structure in aide.c.

db_gzin and db_gznew are never pre-initialized to 0,
and assumed to be valid. On some platforms, the
malloced memory is already 0, but apparently not so on
openbsd 3.4.

patchfile which fixes the issue is attached.

Discussion

matt kettler - 2003-11-25

aide.c.patch

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Mike Markley - 2003-11-25

assigned_to: nobody --> madhack

status: open --> pending
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Mike Markley - 2003-11-25

Logged In: YES
user_id=246445

The attached patch has been committed to CVS.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Mike Markley - 2003-11-25

status: pending --> closed-accepted
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

crash in db_input_wrapper (gzip)

Group

Searches

Help

#9 crash in db_input_wrapper (gzip)

Discussion