72654 – security/rain coredumps consistently

Bug 72654 - security/rain coredumps consistently

Summary: security/rain coredumps consistently

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	Sam Lawrance

URL:
Keywords:

Depends on:
Blocks:

Reported:	2004-10-13 19:40 UTC by David Gilbert
Modified:	2005-05-04 14:37 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description David Gilbert 2004-10-13 19:40:31 UTC

	Crashes no matter the command line.  Trivial "rain -t 10.10.10.2"
crashes.

Fix: 

There is a rumor that the malloc for packet sizes is bad, but this
is unconfirmed from a web site.  Rings true as linux binary runs fine
on BSD ... and our native malloc makes nasty things happen.

I suppose setting this compile to turn off the nasty fills might
make things work.
How-To-Repeat: 	cd /usr/ports/security/rain; make install
	./rain -t 10.10.10.2

Comment 1 Sergei Kolobov freebsd_committer

2004-10-13 22:02:11 UTC

Responsible Changed
From-To: freebsd-ports-bugs->pat

Over to maintainer.

Comment 2 Sam Lawrance freebsd_committer

2005-04-19 16:38:05 UTC

Patch for this problem at:
http://people.tecnik93.com/~sam/patch-security-rain

strlen() is being called on "buffer" which is not null terminated.  The
fix uses the known length, "packetsize".

Comment 3 Sam Lawrance freebsd_committer

2005-05-04 06:59:47 UTC

Responsible Changed
From-To: pat->lawrance

Timeout yoink

Comment 4 Sam Lawrance freebsd_committer

2005-05-04 14:36:28 UTC

State Changed
From-To: open->closed

A fix was committed, thanks!