On Fri, Jul 19, 2013 at 03:30:31PM -0500, Jeffrey Bastian wrote:
> I was just reviewing the get_lan_param_select() code in lib/ipmi_lanp.c
> and I think I found a bug:
>
> for (i = 0; ipmi_lan_params[i].cmd != (-1); i++) {
> if (ipmi_lan_params[i].cmd == param) {
> p = &ipmi_lan_params[param];
> break;
> }
> }
>
> The 3rd line should use i for the array index, not param:
> - p = &ipmi_lan_params[param];
> + p = &ipmi_lan_params[i];
>
> The param value matches the cmd in the lan_param struct, but it's not
> the same as the ipmi_lan_params[] array index.
Here is an example of what I mean. This problem becomes apparent with
the OEM extensions which use values 192+.
Setting a breakpoint on the get_lan_param_select() function:
$ gdb ./ipmitool
(gdb) b get_lan_param_select
(gdb) run -H hostname -U user -P password lan print 1
(gdb) p ipmi_lan_params[28]
$1 = {cmd = 193, size = 4,
desc = "TFTP Server IP\000\000\000\000\000\000\000\000\000", data = 0x0,
data_len = 0}
(gdb) p sizeof(ipmi_lan_params) / sizeof(*ipmi_lan_params)
$2 = 40
As you can see, entry 28 in the array has cmd value of 193.
So, if ipmi_lan_params[i].cmd == param == 193 then
p = &ipmi_lan_params[param];
becomes
p = &ipmi_lan_params[193];
which is a bug because the array only has 40 entries.
Thus, the line should be
p = &ipmi_lan_params[i];
Jeff
------------------------------------------------------------------------------
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________
Ipmitool-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ipmitool-devel
