[Pkg-clamav-devel] Bug#507624: Fix prepared
Michael Tautschnig
mt at debian.org
Wed Dec 3 19:36:06 UTC 2008
[...]
>
> The patch in Debian (most likely my fault) semantically amounts to this:
>
> if(!(buffer = cli_malloc(FILEBUFF))){
> close(s);
> }
> close(d);
> return -1;
>
> Instead of this:
>
> if(!(buffer = cli_malloc(FILEBUFF))){
> close(s);
> close(d);
> return -1;
> }
>
> In other words, the buggy version in Debian always closes the fd d and
> returns -1 from that block of code, rather than only doing those two
> thing if the malloc fails.
>
> Hope that makes it clearer.
OMG, I forgot about the missing { } -- I guess we should ask the security team
to wait for another upload fixing this? I can do it, but would like to get your
ok.
Thanks,
Michael
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-clamav-devel/attachments/20081203/2e99f183/attachment.pgp
More information about the Pkg-clamav-devel
mailing list