On Sat, 2008-11-01 at 18:00 +0900, Ian Kent wrote:
> > 
> > daemon/lookup.c:
> > 
> >     598                 me = cache_enumerate(mc, NULL);
> >     599                 while (me) {
> > ...
> >     611                         fullpath = alloca(strlen(me->key) + strlen(root) + 3);
> >     612                         if (!fullpath) {
> >     613                                 warn(ap->logopt, "failed to allocate full path");
> >     614                                 goto next;
> >     615                         }
> >     616                         sprintf(fullpath, "%s/%s", root, me->key);
> > ...
> >     637 next:
> >     638                         me = cache_enumerate(mc, me);
> >     639                 }
> > 
> > alloca(3) does not return NULL. After some number of iterations, you
> > overflow the stack.
> 
> Yeah, that's not good use of alloca, I'll fix it.

I've been a bit slack wrt. this.
I'll have a look through and change the other suspect cases as well.

Ian


_______________________________________________
autofs mailing list
autofs@linux.kernel.org
http://linux.kernel.org/mailman/listinfo/autofs
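
An added example, not part of the original thread and not autofs code: one way to build the per-entry path without `alloca`, whose memory is only released when the function returns and therefore accumulates on every loop iteration. The names `join_path` and `walk_keys` are hypothetical, and the array of keys is a constructed stand-in for the `cache_enumerate()` walk.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not from autofs): build "root/key" in a heap buffer
 * that is reused across iterations and grown only when too small. Returns 0,
 * or -1 if realloc fails (unlike alloca, it reports failure with NULL). */
static int join_path(char **buf, size_t *cap, const char *root, const char *key)
{
    size_t need = strlen(root) + strlen(key) + 2;   /* '/' and NUL */
    if (need > *cap) {
        char *tmp = realloc(*buf, need);
        if (!tmp)
            return -1;          /* old buffer still valid; caller frees it */
        *buf = tmp;
        *cap = need;
    }
    snprintf(*buf, *cap, "%s/%s", root, key);
    return 0;
}

/* Stand-in for the enumerate loop: memory use is bounded by the longest
 * path, not by the number of entries. Returns the number of paths built. */
static size_t walk_keys(const char *root, const char *const *keys, size_t n,
                        char *last, size_t lastsz)
{
    char *fullpath = NULL;
    size_t cap = 0, built = 0;
    for (size_t i = 0; i < n; i++) {
        if (join_path(&fullpath, &cap, root, keys[i]) < 0) {
            fprintf(stderr, "failed to allocate full path\n");
            continue;           /* same effect as the original "goto next" */
        }
        built++;
        if (last)               /* keep a copy of the most recent path */
            snprintf(last, lastsz, "%s", fullpath);
    }
    free(fullpath);             /* single free after the loop */
    return built;
}

int main(void)
{
    const char *const keys[] = { "home", "srv/data", "a" }; /* constructed */
    char last[64] = "";
    size_t n = walk_keys("/mnt", keys, 3, last, sizeof(last));
    printf("%zu paths, last: %s\n", n, last);
    return 0;
}
```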
