Re: Crash found?

From: Jouni Malinen (jkmaline_at_cc.hut.fi)
Date: 2002-06-24 06:46:11 UTC

• Next message: Martin Polak: "Did someone manage to get "ELSA Airlancer MC-11" work?"
• Previous message: Terry Hardie: "Re: Possible bug in the Bridge-utils/HostAP driver"
• In reply to: Terry Hardie: "Re: Crash found?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

On Sun, Jun 23, 2002 at 02:51:08PM -0700, Terry Hardie wrote:
> On Sun, 23 Jun 2002, Terry Hardie wrote:
>
> > prism2_ap.c:951 takes a u16 pointer into body, which is a char[6],
> > declared on the stack. The next 6 lines then proceed to fill those 6
> > character (3 lost of u16s). Line 963 then continues to use pos, which now
> > points after the char[6] buffer, which would theoretically trash the
> > stack...
>
> When I increase body to be 256 bytes, my crashes stop. Yay!

Thanks! Bad me.. I managed to break that (after 2002-05-19 release so CVS versions only) while doing some cleanup for large stack variables. The buffer was large enough originally, but when I changed one part using the large buffer to allocate memory, I missed another part.. Anyway, that change is now reverted in CVS.

-- 
Jouni Malinen                                            PGP id EFC895FA

• Next message: Martin Polak: "Did someone manage to get "ELSA Airlancer MC-11" work?"
• Previous message: Terry Hardie: "Re: Possible bug in the Bridge-utils/HostAP driver"
• In reply to: Terry Hardie: "Re: Crash found?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]