Bug 17911

Summary: uninitialized var in netgraph msg code
Product: Base System
Reporter: Tom Pavel <pavel>
Component: kern
Assignee: Archie Cobbs <archie>
Status: Closed FIXED
Severity: Affects Only Me
Priority: Normal
Version: 3.4-RELEASE
Hardware: Any
OS: Any

Description Tom Pavel 2000-04-11 00:20:01 UTC
	The "off" variable in the NGM_ASCII2BINARY case of
	ng_generic_msg() is uninitialized.  This can lead to a kernel
	panic in strtol() (from e.g. ng_int32_parse()) if the variable
	happens to be initialized to a (nonzero) nonsensical value.

Fix: 

Tom Pavel

Network Physics
pavel@networkphysics.com / pavel@alum.mit.edu

--- /sys/netgraph/ng_base.c     Wed Dec  8 11:44:03 1999
+++ ng_base.c   Mon Apr 10 12:03:19 2000
@@ -1519,7 +1519,7 @@
                const struct ng_cmdlist *c;
                const struct ng_parse_type *argstype;
                struct ng_mesg *rp, *ascii, *binary;
-               int off;
+               int off = 0;
 
                /* Data area must contain at least a struct ng_mesg + '\0' */
                ascii = (struct ng_mesg *)msg->data;
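
Review bot: The new initializer on `int off = 0;` carries no hint of why zero is required, and it sits at the top of the block, away from the parse call that consumes it. Per the report, the parse path (e.g. ng_int32_parse() into strtol()) uses off as supplied, so either add a short comment at the declaration saying off is the starting offset into the ASCII argument string, or assign `off = 0;` immediately before the parse call so the dependency is visible where it matters and survives later edits to this block. It is also worth checking that no other path in ng_generic_msg() passes an offset that has not been set first, since only this one declaration is touched here.
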
How-To-Repeat: 
	Hook up some netgraph modules, send a bunch of ngctl msg
	commands with numeric arguments, and wait for the kernel stack
	to churn a bit.
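
The failure mode in the description, as an added example that is not part of the original report or the netgraph source: a userland model of a parser that takes an in/out offset, with a range check that turns a garbage starting offset into an error before strtol() is reached. The names `parse_int32_at` and `parse_two` are hypothetical.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Userland model (hypothetical names, not the netgraph source): *off is an
 * in/out offset into s, read on entry and advanced past the number on success. */
static int
parse_int32_at(const char *s, size_t len, int *off, int32_t *out)
{
	char *end;
	long val;

	/* A garbage offset is rejected here instead of reaching strtol(). */
	if (*off < 0 || (size_t)*off > len)
		return (EINVAL);
	errno = 0;
	val = strtol(s + *off, &end, 0);
	if (end == s + *off)
		return (EINVAL);	/* no digits at this offset */
	if (errno == ERANGE || val < INT32_MIN || val > INT32_MAX)
		return (ERANGE);
	*out = (int32_t)val;
	*off = (int)(end - s);
	return (0);
}

/* Caller shaped like the patched code: the offset is set before first use. */
static int
parse_two(const char *s, int32_t *a, int32_t *b)
{
	int off = 0;
	int error;

	error = parse_int32_at(s, strlen(s), &off, a);
	if (error != 0)
		return (error);
	return (parse_int32_at(s, strlen(s), &off, b));
}

int
main(void)
{
	int32_t a, b;

	return (parse_two("12 -7", &a, &b));
}
```

The range check is defense in depth on the callee side; the caller still has to initialize the offset, as the patch does.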
Comment 1 Sheldon Hearn freebsd_committer freebsd_triage 2000-04-11 14:08:06 UTC
Responsible Changed
From-To: freebsd-bugs->archie

Over to the currently active netgraph person. :-) 
Comment 2 Archie Cobbs freebsd_committer freebsd_triage 2000-04-12 18:32:22 UTC
State Changed
From-To: open->closed

Patch applied in -current, RELENG_4, and RELENG_3 
Thanks!!