[net.news.b] Bug in 2.10.1 news

madden@sdccsu3.UUCP (07/09/83)

There is a rather serious bug in the control message handling of
news 2.10.1 (and probably other versions of bnews) which causes
it to take core dumps and leave lock files around when trying to
send control messages.  In xmitmsg of module control.c, a local
structure, h, is declared and used without being completely initialized.
Later, when this structure is passed on to other routines, garbage
pointers in h.unrec are likely to cause unpleasant memory faults,
and following damage.

The solution I've used is to set the appropriate pointers to NULL before
passing h on:

------- control.c -------
*** /tmp/d10606	Fri Jul  8 20:36:56 1983
--- control.c	Fri Jul  8 10:57:47 1983
***************
*** 453,458
  	struct srec srec;
  	FILE *tfp;
  	char *fname;
  
  	/* Make an article called ARTICLE */
  	sprintf(h.from, "%s@%s%s", "usenet", FULLSYSNAME, MYDOMAIN);

--- 453,459 -----
  	struct srec srec;
  	FILE *tfp;
  	char *fname;
+ 	register iu;
  
  	/* Make an article called ARTICLE */
  	sprintf(h.from, "%s@%s%s", "usenet", FULLSYSNAME, MYDOMAIN);
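Review bot: the added declaration `register iu;` among the locals relies on implicit int. Spell the type out as `register int iu;` so the declaration does not depend on the compiler's default, and since the variable is only a loop index a plain `int i` would read just as well.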
***************
*** 465,470
  	strcpy(h.expdate, "");
  	getident(&h);
  	dates(&h);
  	tfp = xfopen(fname = mktemp("/tmp/xmsgXXXXXX"), "w");
  	hwrite(&h, tfp);
  	fclose(tfp);

--- 466,474 -----
  	strcpy(h.expdate, "");
  	getident(&h);
  	dates(&h);
+ 	for (iu = 0; iu < NUNREC; iu++) {
+ 		h.unrec[iu] = NULL;
+ 	}
  	tfp = xfopen(fname = mktemp("/tmp/xmsgXXXXXX"), "w");
  	hwrite(&h, tfp);
  	fclose(tfp);
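Review bot: the loop that sets h.unrec[iu] to NULL is placed after `getident(&h);` and `dates(&h);`, so both of those calls still receive h with uninitialized unrec pointers; only `hwrite(&h, tfp);` and what follows are protected. Move the loop up to the start of the function, before h is first passed anywhere, or clear the whole structure there so that any other field the function does not set explicitly is zero as well, not just unrec. A short comment above the loop saying that the routines h is handed to follow these pointers would keep the initialization from being removed later as apparently dead code.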