> On Jul 15, 2015, at 8:12 AM, Vadim Kochan <vadi...@gmail.com> wrote:
> Would you please check this fix ?
>
> diff --git a/misc/ss.c b/misc/ss.c
> index 03f92fa..3a826e4 100644
> --- a/misc/ss.c
> +++ b/misc/ss.c
> @@ -683,8 +683,8 @@ static inline void sock_addr_set_str(inet_prefix *prefix,
> char **ptr)
>
> static inline char *sock_addr_get_str(const inet_prefix *prefix)
> {
> - char *tmp ;
> - memcpy(&tmp, prefix->data, sizeof(char *));
> + char *tmp;
> + memcpy(&tmp, &prefix->data[0], sizeof(char *));
> return tmp;
> }That surely is not a fix! The destination of the memcpy is the address of an uninitialized stack variable! Both versions are equally bad. -- Mark Rustad, Networking Division, Intel Corporation
signature.asc
Description: Message signed with OpenPGP using GPGMail
