madden@sdccsu3.UUCP (07/09/83)
There is a rather serious bug in the control message handling of news 2.10.1 (and probably other versions of bnews) which causes it to take core dumps and leave lock files around when trying to send control messages. In xmitmsg of module control.c, a local structure, h, is declared and used without being completely initialized. Later, when this structure is passed on to other routines, garbage pointers in h.unrec are likely to cause unpleasant memory faults, and following damage. The solution I've used is to set the appropriate pointers to NULL before passing h on: ------- control.c ------- *** /tmp/d10606 Fri Jul 8 20:36:56 1983 --- control.c Fri Jul 8 10:57:47 1983 *************** *** 453,458 struct srec srec; FILE *tfp; char *fname; /* Make an article called ARTICLE */ sprintf(h.from, "%s@%s%s", "usenet", FULLSYSNAME, MYDOMAIN); --- 453,459 ----- struct srec srec; FILE *tfp; char *fname; + register iu; /* Make an article called ARTICLE */ sprintf(h.from, "%s@%s%s", "usenet", FULLSYSNAME, MYDOMAIN); *************** *** 465,470 strcpy(h.expdate, ""); getident(&h); dates(&h); tfp = xfopen(fname = mktemp("/tmp/xmsgXXXXXX"), "w"); hwrite(&h, tfp); fclose(tfp); --- 466,474 ----- strcpy(h.expdate, ""); getident(&h); dates(&h); + for (iu = 0; iu < NUNREC; iu++) { + h.unrec[iu] = NULL; + } tfp = xfopen(fname = mktemp("/tmp/xmsgXXXXXX"), "w"); hwrite(&h, tfp); fclose(tfp);