https://bugzilla.novell.com/show_bug.cgi?id=335676#c4
Arjen de Korte changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |suse+build@de-korte.org
--- Comment #4 from Arjen de Korte 2007-10-22 13:13:46 MST ---
I don't know if this is the cause, but there is a bug in the
'drivers/hidparser.c' upto (and including) nut-2.2.0:
620 /* make a list of reports and their lengths */
621 memset(pDesc->replen, 0, 256);
If reports 64..255 are used by the UPS (and the subdriver), the above would
lead to the use of uninitialized data. I have seen the driver segfault'ing
because of that.
Since we're trying to clear an array of 256 int's, line 621 should really read:
621 memset(pDesc->replen, 0, 256 * sizeof(int));
Note that in nut-2.2.1 and higher this has been solved upstream, as there have
been massive changes to the usbhid-ups driver. It now allocates memory through
calloc() instead of malloc() if the memory needs to be cleared anyway.
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.