Hi,
Recently I was testing pretagging and found a strange thing, just like
previously described on this list
(http://www.pmacct.net/mailman/private/pmacct-discussion/2009-September/001309.html):
libpcap-style filters sometimes didn't work because nfacctd reported
syntax errors in pretag.map, although the filters were obviously valid. So
I looked into the sources and found a bug in utils.c, function
strip_quotes(): strcpy() was used with the same source and destination
strings.
This bug caused corruption of 'quoted' config strings such as the filter
attribute in pretag.map. I wonder how people managed to use pretag.map
in production without getting syntax errors :).
Regards,
Dmitry Koplovich
Patch:
diff -urN pmacct-0.12.3/src/util.c pmacct-0.12.3.bugfix/src/util.c
--- pmacct-0.12.3/src/util.c<-->2010-07-01 15:24:43.000000000 +0400
+++ pmacct-0.12.3.bugfix/src/util.c>2010-10-19 02:53:50.000000000 +0400
@@ -212,20 +212,29 @@
.
void strip_quotes(char *buf)
{
- char *ptr;
+ char *ptr, *tmp_buf;
int i = 0, len;
.
- ptr = buf;
len = strlen(buf);
.
- /* stripping all quote marks */
+ tmp_buf = (char *)malloc(len + 1);
+ if (tmp_buf == NULL) {
+ Log(LOG_ERR, "ERROR: strip_quotes: malloc()\n");
+ return;
+ }
+ ptr = buf;
+..
+ /* stripping all quote marks using a temporary buffer
+ * to avoid string corruption by strcpy() */
while (i <= len) {
if (ptr[i] == '\'') {
- strcpy(&buf[i], &ptr[i+1]);
+ strcpy(tmp_buf, &ptr[i+1]);
+ strcpy(&buf[i], tmp_buf);
len--;
}
else i++;
}
+ free(tmp_buf);
}
.
int isblankline(char *line)
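Review bot: the temporary buffer in strip_quotes() adds a failure path that the overlap fix does not need. If malloc() fails, the function logs and returns with the quote marks still in buf, and because it returns void the caller cannot tell and will go on to parse the unstripped string. The copy through tmp_buf inside the while loop can instead be a single overlap-safe call, `memmove(&buf[i], &buf[i+1], len - i);`, which moves the remaining characters together with the terminating NUL (len - i bytes) and is defined for overlapping regions, unlike strcpy(). That removes the malloc()/free() pair, the error branch and the second copy per quote, and leaves ptr as a plain alias of buf that could be dropped as well.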
_______________________________________________
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists