Difference between revisions of "LinuxAX25 LatestChanges"

From LinuxHam
Jump to navigationJump to search
Line 14: Line 14:


Changes visualized:
Changes visualized:
   http://www.linux-ax25.org/cvsweb/libax25/axconfig.c.diff?r1=1.6;r2=1.10;f=h
   http://www.linux-ax25.org/cvsweb/libax25/axconfig.c.diff?r1=1.7;r2=1.10;f=h
   http://www.linux-ax25.org/cvsweb/libax25/nrconfig.c.diff?r1=1.4;r2=1.5;f=h
   http://www.linux-ax25.org/cvsweb/libax25/nrconfig.c.diff?r1=1.4;r2=1.5;f=h
   http://www.linux-ax25.org/cvsweb/libax25/rsconfig.c.diff?r1=1.4;r2=1.5;f=h
   http://www.linux-ax25.org/cvsweb/libax25/rsconfig.c.diff?r1=1.4;r2=1.5;f=h

Revision as of 22:43, 16 April 2009

2009-04-09 - dl9sau

An 1 year old patch to libax25 introduced a bug: the call section in /etc/ax25/axports suddenly had to state "CALL-0" instead of "CALL". Since many people run the linux system behind a node software (like RMNC or XNet) and use a SSID in this setup, the problem did not shown up.

Other changes: security considerations, introduced by that patch.

 - Never do a strcpy without length check. Ok, the parsed data came from the kernel.
   But hey, you know things are changing fast these days. It's better to give programs
   a chance for complaining that something is unexpected than just to let them segfault ;)
 - checks to !strdup() were striped off. Including error message and appropriate
   return value.
   The consideration on error messages by a library may be ok. But it's not ok to
   ignore on the one hand if the pointer is assigned to 0, and on the other hand to
   leave in other code parts untouched (blind strcmp(possible0, "foo")).

Changes visualized:

 http://www.linux-ax25.org/cvsweb/libax25/axconfig.c.diff?r1=1.7;r2=1.10;f=h
 http://www.linux-ax25.org/cvsweb/libax25/nrconfig.c.diff?r1=1.4;r2=1.5;f=h
 http://www.linux-ax25.org/cvsweb/libax25/rsconfig.c.diff?r1=1.4;r2=1.5;f=h

Way Out

Back to the LinuxAX25 Project Homepage