Fix segfault in juju's handle_arm_request

The buffer pointers were uninitialized, leading to segfault in memcpy.
Bug report and initial version of the fix by Adrian Knoth.

Signed-off-by: Dan Dennedy <dan@dennedy.org>
Stefan Richter 2008-10-18 01:25:30 +02:00 committed by Dan Dennedy
parent 0bf8132319
commit 7b8d270352
1 changed files with 2 additions and 0 deletions


@ -773,10 +773,12 @@ handle_arm_request(raw1394handle_t handle, struct address_closure *ac,
} }
rrb->request.generation = fwhandle->reset.generation; rrb->request.generation = fwhandle->reset.generation;
rrb->request.buffer_length = in_length; rrb->request.buffer_length = in_length;
rrb->request.buffer = rrb->data;
memcpy(rrb->request.buffer, request->data, in_length); memcpy(rrb->request.buffer, request->data, in_length);
rrb->response.response_code = response.rcode; rrb->response.response_code = response.rcode;
rrb->response.buffer_length = response.length; rrb->response.buffer_length = response.length;
rrb->response.buffer = rrb->data + in_length;
memcpy(rrb->response.buffer, memcpy(rrb->response.buffer,
allocation->data + offset, response.length); allocation->data + offset, response.length);
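Review bot: The two added assignments point request.buffer at `rrb->data` and response.buffer at `rrb->data + in_length`, so the memcpy calls now write `in_length + response.length` bytes into `rrb->data`, and nothing in the hunk shows that rrb was allocated with that much room. The allocation lies above the hunk (handle_arm_request starts and ends outside it), so it is worth confirming there that the size is computed from the same two lengths and that the sum cannot wrap, since in_length presumably derives from a request sent by another node on the bus. A comment on the first assignment would record the layout the code relies on, e.g. `/* request payload, then response payload, packed back to back in rrb->data */`.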