From 7907c6c9d34a4f19dd7d4d8d81c3c8ae5000ee07 Mon Sep 17 00:00:00 2001 From: ajs Date: Tue, 26 Jul 2005 19:55:31 +0000 Subject: 2005-07-26 Andrew J. Schorr * prefix.c: (prefix_ipv4_new, prefix_ipv6_new): Call prefix_new to allocate the memory to make sure that all struct prefix pointers point to objects of the same length (avoids memory overruns on struct prefix assignments). (prefix_ipv4_free, prefix_ipv6_free): Simply call prefix_free. It is interesting to note that these functions are never actually called anywhere in the code. Instead prefix_free was already being called directly, despite the previous MTYPE incompatibility. [backport candidate] --- lib/ChangeLog | 10 ++++++++++ lib/prefix.c | 13 +++++++++---- 2 files changed, 19 insertions(+), 4 deletions(-) (limited to 'lib') diff --git a/lib/ChangeLog b/lib/ChangeLog index f67f2c1e..42e80bd2 100644 --- a/lib/ChangeLog +++ b/lib/ChangeLog @@ -1,3 +1,13 @@ +2005-07-26 Andrew J. Schorr + * prefix.c: (prefix_ipv4_new, prefix_ipv6_new): Call prefix_new + to allocate the memory to make sure that all struct prefix pointers + point to objects of the same length (avoids memory overruns + on struct prefix assignments). + (prefix_ipv4_free, prefix_ipv6_free): Simply call prefix_free. + It is interesting to note that these functions are never actually + called anywhere in the code. Instead prefix_free was already + being called directly, despite the previous MTYPE incompatibility. + 2005-07-26 Andrew J. Schorr * prefix.c: (ip_masklen) While loop should test that 'pnt' pointer is diff --git a/lib/prefix.c b/lib/prefix.c index 1806ac49..c6922036 100644 --- a/lib/prefix.c +++ b/lib/prefix.c @@ -199,7 +199,10 @@ prefix_ipv4_new () { struct prefix_ipv4 *p; - p = XCALLOC (MTYPE_PREFIX_IPV4, sizeof *p); + /* Call prefix_new to allocate a full-size struct prefix to avoid problems + where the struct prefix_ipv4 is cast to struct prefix and unallocated + bytes were being referenced (e.g. in structure assignments). */ + p = (struct prefix_ipv4 *)prefix_new(); p->family = AF_INET; return p; } @@ -208,7 +211,7 @@ prefix_ipv4_new () void prefix_ipv4_free (struct prefix_ipv4 *p) { - XFREE (MTYPE_PREFIX_IPV4, p); + prefix_free((struct prefix *)p); } /* When string format is invalid return 0. */ @@ -348,7 +351,9 @@ prefix_ipv6_new (void) { struct prefix_ipv6 *p; - p = XCALLOC (MTYPE_PREFIX_IPV6, sizeof (struct prefix_ipv6)); + /* Allocate a full-size struct prefix to avoid problems with structure + size mismatches. */ + p = (struct prefix_ipv6 *)prefix_new(); p->family = AF_INET6; return p; } @@ -357,7 +362,7 @@ prefix_ipv6_new (void) void prefix_ipv6_free (struct prefix_ipv6 *p) { - XFREE (MTYPE_PREFIX_IPV6, p); + prefix_free((struct prefix *)p); } /* If given string is valid return pin6 else return NULL */ -- cgit v1.2.1