2010/7/4 Kalev Lember <[email protected]>: > pcscd attempts to read uninitialized memory and free an invalid > pointer when its configuration directory is empty. > > The patch fixes this by initializing reader_list to NULL. > > ==2658== Conditional jump or move depends on uninitialised value(s) > ==2658== at 0x40A2EF: RFStartSerialReaders (readerfactory.c:1324) > ==2658== by 0x40743F: main (pcscdaemon.c:522) > ==2658== ==2658== Use of uninitialised value of size 8 > ==2658== at 0x40A2F5: RFStartSerialReaders (readerfactory.c:1327) > ==2658== by 0x40743F: main (pcscdaemon.c:522) > ==2658== ==2658== Conditional jump or move depends on uninitialised value(s) > ==2658== at 0x4C26D25: free (vg_replace_malloc.c:325) > ==2658== by 0x40A404: RFStartSerialReaders (readerfactory.c:1348) > ==2658== by 0x40743F: main (pcscdaemon.c:522) > ==2658== ==2658== Invalid free() / delete / delete[] > ==2658== at 0x4C26D72: free (vg_replace_malloc.c:325) > ==2658== by 0x40A404: RFStartSerialReaders (readerfactory.c:1348) > ==2658== by 0x40743F: main (pcscdaemon.c:522) > ==2658== Address 0x4222148 is not stack'd, malloc'd or (recently) free'd > > > --- pcsc-lite-1.6.1/src/readerfactory.c.orig 2010-07-04 23:42:14.000000000 > +0300 > +++ pcsc-lite-1.6.1/src/readerfactory.c 2010-07-04 23:42:23.000000000 +0300 > @@ -1312,7 +1312,7 @@ void RFCleanupReaders(void) > #ifdef USE_SERIAL > int RFStartSerialReaders(const char *readerconf) > { > - SerialReader *reader_list; > + SerialReader *reader_list = NULL; > int i, rv; > /* remember the configuration filename for RFReCheckReaderConf() */
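Review bot: Initialising reader_list to NULL at the declaration in RFStartSerialReaders() means an empty configuration directory now reaches readerfactory.c:1324-1327 with a NULL pointer instead of stack garbage, so those lines need an explicit NULL test before the list is indexed. The hunk does not show one. The free() at line 1348 is safe after this change, since free(NULL) is a no-op. It would also be more robust for whichever routine fills reader_list to set its output to NULL on every path where it finds no configuration, rather than relying on each caller to pre-initialise. A short comment next to the initialiser saying that NULL means "no serial readers configured" would help the next reader.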
Fixed in revision 5066.

Thanks

-- 
Dr. Ludovic Rousseau
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
