Summary: amfa: avoid illigal memory access [#1307] Review request for Trac Ticket(s): #1307 Peer Reviewer(s): Hans N, Praveen Pull request to: <<LIST THE PERSON WITH PUSH ACCESS HERE>> Affected branch(es): All Development branch: Default
-------------------------------- Impacted area Impact y/n -------------------------------- Docs n Build system n RPM/packaging n Configuration files n Startup scripts n SAF services y OpenSAF services n Core libraries n Samples n Tests n Other n Comments (indicate scope for each "y" above): --------------------------------------------- <<EXPLAIN/COMMENT THE PATCH SERIES HERE>> changeset 58ac51a0311884235906fa4eb3c6b2b9e897c615 Author: Nagendra Kumar<[email protected]> Date: Tue, 21 Apr 2015 16:58:04 +0530 amfa: avoid illigal memory access [#1307] While invalid handle is passed to saAmfProtectionGroupTrack_4, code jumps to done and calls avsv_nda_ava_msg_content_free(&msg). But msg is not meset to zero, so it has garbage values. Inside avsv_nda_ava_msg_content_free, the following code points to garbage pointer and agent crashes: if (msg->info.cbk_info) { avsv_amf_cbk_free(msg->info.cbk_info); msg need to be memset before code jumps to 'done'. Complete diffstat: ------------------ osaf/libs/agents/saf/amfa/ava_api.c | 6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) Testing Commands: ----------------- Started controller SC-1. Testing, Expected Results: -------------------------- SC-1 came up successfully. Conditions of Submission: ------------------------- Ack from peer reviewers. Arch Built Started Linux distro ------------------------------------------- mips n n mips64 n n x86 n n x86_64 y y powerpc n n powerpc64 n n Reviewer Checklist: ------------------- [Submitters: make sure that your review doesn't trigger any checkmarks!] Your checkin has not passed review because (see checked entries): ___ Your RR template is generally incomplete; it has too many blank entries that need proper data filled in. ___ You have failed to nominate the proper persons for review and push. ___ Your patches do not have proper short+long header ___ You have grammar/spelling in your header that is unacceptable. ___ You have exceeded a sensible line length in your headers/comments/text. ___ You have failed to put in a proper Trac Ticket # into your commits. ___ You have incorrectly put/left internal data in your comments/files (i.e. internal bug tracking tool IDs, product names etc) ___ You have not given any evidence of testing beyond basic build tests. Demonstrate some level of runtime or other sanity testing. ___ You have ^M present in some of your files. These have to be removed. ___ You have needlessly changed whitespace or added whitespace crimes like trailing spaces, or spaces before tabs. ___ You have mixed real technical changes with whitespace and other cosmetic code cleanup changes. These have to be separate commits. ___ You need to refactor your submission into logical chunks; there is too much content into a single commit. ___ You have extraneous garbage in your review (merge commits etc) ___ You have giant attachments which should never have been sent; Instead you should place your content in a public tree to be pulled. ___ You have too many commits attached to an e-mail; resend as threaded commits, or place in a public tree for a pull. ___ You have resent this content multiple times without a clear indication of what has changed between each re-send. ___ You have failed to adequately and individually address all of the comments and change requests that were proposed in the initial review. ___ You have a misconfigured ~/.hgrc file (i.e. username, email etc) ___ Your computer have a badly configured date and time; confusing the the threaded patch review. ___ Your changes affect IPC mechanism, and you don't present any results for in-service upgradability test. ___ Your changes affect user manual and documentation, your patch series do not contain the patch that updates the Doxygen manual. ------------------------------------------------------------------------------ BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT Develop your own process in accordance with the BPMN 2 standard Learn Process modeling best practices with Bonita BPM through live exercises http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF _______________________________________________ Opensaf-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/opensaf-devel
