minicom 2.1 bug; signed integer problem
Jonathan Heusser
jonny@drugphish.ch
Sun, 25 May 2003 14:28:24 +0200
Hello,
I am writing you this mail because I think you are the current maintainer of
minicom. Correct me if I'm wrong.
I found a small bug in the current minicom distribution (2.1?) which
leads to a segmentation fault.
The problem starts at the unsanitized getopt value 'd':
minicom.c:1136
case 'd': /* Dial from the command line. */
cmd_dial = optarg;
minicom.c:1335
if (cmd_dial) dialone(cmd_dial);
dial.c:1341 function dialone()
if ((d = getno(num - 1))) {
dial.c:979 function getno()
// following check will never be true since 'no' is a
// negative number
if (no >= nrents) return((struct dialent *)NULL);
..
// endless loop accessing/assigning d->next
while(no--) d = d->next;
The bug can be triggered with 'minicom -d -1'.
bye,
jonathan heusser
--
Revolution is not an AOL Keyword.
Key fingerprint = 2A55 EB7C B7EA 6336 7767 4A47 910A 307B 1333 BD6C
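
Added example, not part of the original mail and not minicom's code: the upper-bound-only check quoted above next to a lookup that checks both bounds. The struct layout, the function names other than getno, the three-entry NULL-terminated list and the assumption that 'num' parses to -1 are all constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-in for minicom's dial entry; only `next` matters here. */
struct dialent { int id; struct dialent *next; };

/* Constructed sample: three entries, NULL-terminated (an assumption). */
static struct dialent *sample_list(void) {
    static struct dialent e[3];
    for (int i = 0; i < 3; i++) {
        e[i].id = i;
        e[i].next = (i < 2) ? &e[i + 1] : NULL;
    }
    return e;
}

/* The check quoted in the mail: upper bound only, so negatives pass. */
static int upper_bound_only_rejects(int no, int nrents) {
    return no >= nrents;
}

/* Replays `while (no--) d = d->next;` but returns 1 at the point where the
 * original would dereference NULL instead of actually doing so. */
static int walk_runs_off_list(struct dialent *head, int no) {
    struct dialent *d = head;
    while (no--) {               /* nonzero for every negative `no` */
        if (d == NULL) return 1;
        d = d->next;
    }
    return 0;
}

/* Hardened lookup: check both bounds and never step past the list end. */
static struct dialent *getno_checked(struct dialent *head, int nrents, int no) {
    struct dialent *d = head;
    if (no < 0 || no >= nrents) return NULL;
    while (no-- > 0 && d != NULL) d = d->next;
    return d;
}

int main(void) {
    struct dialent *head = sample_list();
    int no = -1 - 1;  /* getno(num - 1), assuming `-d -1` gives num == -1 */
    printf("old check rejects %d: %d\n", no, upper_bound_only_rejects(no, 3));
    printf("walk runs off list: %d\n", walk_runs_off_list(head, no));
    printf("hardened getno: %p\n", (void *)getno_checked(head, 3, no));
    return 0;
}
```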