* #263154: iptables: segfault with multiple ip hostnames
@ 2004-08-03 22:03 Laurence J. Lane
2004-08-03 22:11 ` Phil Oester
2004-08-03 22:26 ` Patrick McHardy
0 siblings, 2 replies; 4+ messages in thread
From: Laurence J. Lane @ 2004-08-03 22:03 UTC (permalink / raw)
To: netfilter-devel
http://bugs.debian.org/263154
iptables 1.2.11 segfaults when given a domain name that resolves
to multiple ip addresses. The situation is the same for kernel
versions 2.4.26 and 2.6.7.
As an example:
# iptables -I INPUT -s google.com -j DROP
free(): invalid pointer 0x8055a4c!
Segmentation fault
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: #263154: iptables: segfault with multiple ip hostnames
2004-08-03 22:03 #263154: iptables: segfault with multiple ip hostnames Laurence J. Lane
@ 2004-08-03 22:11 ` Phil Oester
2004-08-03 22:26 ` Patrick McHardy
1 sibling, 0 replies; 4+ messages in thread
From: Phil Oester @ 2004-08-03 22:11 UTC (permalink / raw)
To: Laurence J. Lane; +Cc: netfilter-devel
On Tue, Aug 03, 2004 at 06:03:50PM -0400, Laurence J. Lane wrote:
> http://bugs.debian.org/263154
>
> iptables 1.2.11 segfaults when given a domain name that resolves
> to multiple ip addresses. The situation is the same for kernel
> versions 2.4.26 and 2.6.7.
This is fixed in CVS. Patch below for reference.
Phil
diff -u -r1.68 -r1.69
--- iptables/iptables.c 2004/05/26 16:04:48 1.68
+++ iptables/iptables.c 2004/07/04 15:20:53 1.69
@@ -2339,11 +2339,8 @@
e = NULL;
}
- for (c = 0; c < nsaddrs; c++)
- free(&saddrs[c]);
-
- for (c = 0; c < ndaddrs; c++)
- free(&daddrs[c]);
+ free(saddrs);
+ free(daddrs);
if (opts != original_opts) {
free(opts);
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: #263154: iptables: segfault with multiple ip hostnames
2004-08-03 22:03 #263154: iptables: segfault with multiple ip hostnames Laurence J. Lane
2004-08-03 22:11 ` Phil Oester
@ 2004-08-03 22:26 ` Patrick McHardy
2004-08-20 16:09 ` Herve Eychenne
1 sibling, 1 reply; 4+ messages in thread
From: Patrick McHardy @ 2004-08-03 22:26 UTC (permalink / raw)
To: Laurence J. Lane; +Cc: netfilter-devel
Laurence J. Lane wrote:
>http://bugs.debian.org/263154
>
>iptables 1.2.11 segfaults when given a domain name that resolves
>to multiple ip addresses. The situation is the same for kernel
>versions 2.4.26 and 2.6.7.
>
>As an example:
>
> # iptables -I INPUT -s google.com -j DROP
> free(): invalid pointer 0x8055a4c!
> Segmentation fault
>
>
Already fixed in CVS:
http://cvs.netfilter.org/iptables/iptables.c?r1=1.68&r2=1.69
But seems to be missing this:
diff -u -r1.69 iptables.c
--- iptables.c 4 Jul 2004 15:20:53 -0000 1.69
+++ iptables.c 3 Aug 2004 22:22:25 -0000
@@ -551,7 +551,7 @@
while (host->h_addr_list[*naddr] != (char *) NULL)
(*naddr)++;
- addr = fw_calloc(*naddr, sizeof(struct in_addr));
+ addr = fw_calloc(*naddr, sizeof(struct in_addr) * *naddr);
for (i = 0; i < *naddr; i++)
inaddrcpy(&(addr[i]),
(struct in_addr *) host->h_addr_list[i]);
Regards
Patrick
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2004-08-20 16:09 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-08-03 22:03 #263154: iptables: segfault with multiple ip hostnames Laurence J. Lane
2004-08-03 22:11 ` Phil Oester
2004-08-03 22:26 ` Patrick McHardy
2004-08-20 16:09 ` Herve Eychenne
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.