[Nut-upsdev] Stack corruption in newhidups.c

Peter Selinger selinger at mathstat.dal.ca
Fri Sep 29 17:49:22 UTC 2006 

OK, I've done that, and cleaned up the rhino driver a bit in the
process. 

I don't really understand the purpose of the "Testing" branch. It has
not been touched since July, as far as I can see. I also don't
understand NUT's release cycle. 

Shouldn't we be making releases much more frequently? I.e., throw away
the current "Testing" branch and create a new one from the current
trunk? Is anybody actually testing the "Testing" branch? Release 2.0.4
is now so outdated that we tell most users on nut-users to ignore it
and download SVN sources.

Our trunk is reasonably stable; I think we should just pick a random
date, then copy the trunk to a branch called "2.0.5", wait for bug
reports for a few weeks, then release it, then repeat. I know that
there are many ambitious changes in progress that will make it into a
future 2.2 release, but perhaps that is a bit too far in the future?

-- Peter

Arnaud Quette wrote:
> 
> ooops, mea culpa, I have this report from Ales Nosek (from SuSE)
> sitting in my draft stack.
> 
> @Peter: can you also have a look at the 2nd one, and backport both in Testing?
> 
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> Hello,
> 
> I send a patch for nut 2.0.4. It fixes these compiler warnings:
> 
> newhidups.c(576): warning #175: subscript out of range
> 
> rhino.c: In function 'upsdrv_initinfo':
> rhino.c:497: warning: call to __builtin___strcpy_chk will always
> overflow destination buffer
> rhino.c:503: warning: call to __builtin___strcpy_chk will always
> overflow destination buffer
> rhino.c:509: warning: call to __builtin___strcpy_chk will always
> overflow destination buffer
> rhino.c:515: warning: call to __builtin___strcpy_chk will always
> overflow destination buffer
> 
> Ales Nosek
> --- drivers/newhidups.c
> +++ drivers/newhidups.c
> @@ -578,7 +578,7 @@
> 
>  void upsdrv_initups(void)
>  {
> -                char *regex_array[5];
> +                char *regex_array[6];
>                 int r;
>                 int i;
> 
> --- drivers/rhino.h
> +++ drivers/rhino.h
> @@ -59,7 +59,7 @@
>  /* data vetor from received and configuration data package - not used yet
>  unsigned char Dados[ 161 ]; */
>  /* identification group */
> -char Model[12];
> +char Model[15];
>  int RhinoModel; /*, imodel; */
>  int PotenciaNominal, PowerFactor;
>  /* input group */
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> 
> Arnaud
> -- 
> Linux / Unix Expert - MGE UPS SYSTEMS - R&D Dpt
> Network UPS Tools (NUT) Project Leader - http://www.networkupstools.org/
> Debian Developer - http://people.debian.org/~aquette/
> OpenSource Developer - http://arnaud.quette.free.fr/
>

More information about the Nut-upsdev mailing list