LISTGROUP apparently making nnrpd lose articles
Nick Leverton
nick at leverton.org
Wed Apr 17 15:18:40 UTC 2002
On Wed, Apr 17, 2002 at 05:32:10PM +0900, Katsuhiro Kondou wrote:
> In article <20020417080534.GA28450 at leverton.org>,
> Nick Leverton <nick at leverton.org> wrote;
>
> } I've found and fixed the problem, it is a bug in nnrpd. It is allocating
> } dynamic memory for the group name, taking a copy of the pointer to it,
> } disposing of the memory, and then using the pointer.
>
> GRPcur is also dynamically allocated and initialized
> to NULL at nnrpd.c. So I don't understand why your
> patch fixes.
It is because GRPcur is dynamically allocated that there is a problem.
Because after it is disposed of, the pointer to where it used to be
remains in local variable 'group', and is used as if it still pointed to
valid allocated memory. It's an easy mistake to make when using pointers.
The patch fixes this by allocating fresh memory for 'group' instead.
Nick
More information about the inn-bugs
mailing list