https://bugzilla.novell.com/show_bug.cgi?id=813340

https://bugzilla.novell.com/show_bug.cgi?id=813340#c0

Summary: Suspected memory corruption in standard capi20 lib
Classification: openSUSE
Product: openSUSE Factory
Version: 13.1 Milestone 0
Platform: x86-64
OS/Version: openSUSE 12.3
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Network
AssignedTo: bnc-team-screening@forge.provo.novell.com
ReportedBy: jan.fengler@adviqo.com
QAContact: qa-bugs@suse.de
Found By: ---
Blocker: ---

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.43 Safari/537.31

The capi20 lib from the i4l-base source package from http://download.opensuse.org/repositories/home:/kkeil:/ISDN/openSUSE_Factory... (and also Version 3.23-100.1 which is newer) seems to create memory corruption during capi20_put_message sending data_b3_req, because no memory is assigned for the data that is put behind the original message in the function capi_processMessage (capi20.c row 962ff). Unfortunately this seems to be a private function and so I could not easily write a test against the entire lib.

Reproducible: Always

Steps to Reproduce:
I provide an example program that uses a 1:1 copy of the original function. I use capi via JNI from Java and it crashes when freeing memory exactly as the test program does.

Actual Results:
Memory corruption when freeing the memory used for the data_b3_req-message.

Expected Results:
No memory corruption, the program should terminate without a problem.

The last known working version (from openSuSE 10.3) assigned memory for SND_BUFSIZ bytes and copied the original message to this before copying the data bytes after the message and that worked. I will change the code of the function standardPutMessage to do this to avoid the problem and add a patch to this bug report if it works with the patch. I must admit that I could have overseen something, but unfortunately it seems not so far.
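Added example, not code from the capi20 library or from the reporter's test program: a sketch of the copy-then-append approach the report attributes to the older working version, with a bounds check before any write. The names build_send_buffer, check_append and EXAMPLE_SND_BUFSIZ, the buffer size and the 22-byte header are assumptions made for illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Assumed value for illustration; the report names SND_BUFSIZ but not its size. */
#define EXAMPLE_SND_BUFSIZ (128 + 2048)

/* Pattern the report describes (shown only as a comment): the caller allocated
 * exactly msg_len bytes, so appending the payload in place writes past the end
 * of that allocation and can corrupt the heap, which shows up at free():
 *     memcpy(msg + msg_len, data, data_len);
 */

/* Copy-then-append into a separate fixed-size buffer, with the bounds check
 * done before any write. Returns a malloc'd buffer the caller frees, or NULL
 * if the inputs are invalid, too large, or allocation fails. */
unsigned char *build_send_buffer(const unsigned char *msg, size_t msg_len,
                                 const unsigned char *data, size_t data_len,
                                 size_t *out_len)
{
    if (msg == NULL || out_len == NULL || (data == NULL && data_len != 0))
        return NULL;
    /* Subtraction form avoids overflow in msg_len + data_len. */
    if (msg_len > EXAMPLE_SND_BUFSIZ || data_len > EXAMPLE_SND_BUFSIZ - msg_len)
        return NULL;
    unsigned char *buf = malloc(EXAMPLE_SND_BUFSIZ);
    if (buf == NULL)
        return NULL;
    memcpy(buf, msg, msg_len);
    if (data_len != 0)
        memcpy(buf + msg_len, data, data_len);
    *out_len = msg_len + data_len;
    return buf;
}

/* Constructed check: a 22-byte header allocated exactly, plus a payload.
 * Returns 1 if the combined buffer is correct, 0 if the request was rejected. */
int check_append(size_t data_len)
{
    size_t msg_len = 22, out_len = 0;
    unsigned char *msg = malloc(msg_len), *data = malloc(data_len ? data_len : 1);
    if (!msg || !data) { free(msg); free(data); return 0; }
    memset(msg, 0xAA, msg_len);
    memset(data, 0x55, data_len);
    unsigned char *buf = build_send_buffer(msg, msg_len, data, data_len, &out_len);
    int ok = buf != NULL && out_len == msg_len + data_len &&
             buf[msg_len - 1] == 0xAA && (data_len == 0 || buf[out_len - 1] == 0x55);
    free(buf); free(data); free(msg);
    return ok;
}
```

Running check_append under valgrind or with -fsanitize=address confirms that freeing the header and the send buffer is clean, since the header allocation is never written past its end.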