On Mon, 21 Dec 2009 21:18:54 -0500 lanas <[email protected]> wrote:
> All, > > Just to let you know that 5.4.1 as shipped by Debian applies a patch > # 1775124 that contains two strdup() inside a sprintf() statement in > the netsnmp_udp_fmtaddr() method (plus one more) > > See: http://pastebin.ca/1701854. > > I reckon that this was fixed later (5.5. does not have it). > > The default patch excerpt: > > + sprintf(tmp, "UDP: [%s]->unknown", > + strdup(inet_ntoa(addr_pair->local_addr))); > + } else { > + sprintf(tmp, "UDP: [%s]->[%s]:%hu", > + strdup(inet_ntoa(addr_pair->local_addr)), > + strdup(inet_ntoa(to->sin_addr)), ntohs(to->sin_port)); > > Patch URL: > > http://sourceforge.net/tracker/?func=detail&atid=312694&aid=1775124&group_id=12694 > Of course, this trades off reuse of a buffer for a memory leak. Use inet_ntop() instead. ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________ Net-snmp-coders mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
