Fix segfault in juju's handle_arm_request

The buffer pointers were uninitialized, leading to segfault in memcpy. Bug report and initial version of the fix by Adrian Knoth. Signed-off-by: Dan Dennedy <dan@dennedy.org>
author: Stefan Richter <stefanr@s5r6.in-berlin.de> 2008-10-18 01:25:30 +0200
committer: Dan Dennedy <dan@dennedy.org> 2008-10-28 22:56:48 -0700
commit: 7b8d2703525b40c743456c4bb2e129ae515c55bb (patch)
tree: a5832c8b7af04336f2e347a880632adbce004891
parent: 0bf8132319fe11e5d63d3757b7dcf6a8f5745400 (diff)
download: libraw1394-7b8d2703525b40c743456c4bb2e129ae515c55bb.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/src/fw.c b/src/fw.c
index 4ef084d..eacbaaa 100644
--- a/src/fw.c
+++ b/src/fw.c
@@ -773,10 +773,12 @@ handle_arm_request(raw1394handle_t handle, struct address_closure *ac,
 	}
 	rrb->request.generation = fwhandle->reset.generation;
 	rrb->request.buffer_length = in_length;
+	rrb->request.buffer = rrb->data;
 	memcpy(rrb->request.buffer, request->data, in_length);
 
 	rrb->response.response_code = response.rcode;
 	rrb->response.buffer_length = response.length;
+	rrb->response.buffer = rrb->data + in_length;
 	memcpy(rrb->response.buffer,
 	       allocation->data + offset, response.length);
author	Stefan Richter <stefanr@s5r6.in-berlin.de>	2008-10-18 01:25:30 +0200
committer	Dan Dennedy <dan@dennedy.org>	2008-10-28 22:56:48 -0700
commit	7b8d2703525b40c743456c4bb2e129ae515c55bb (patch)
tree	a5832c8b7af04336f2e347a880632adbce004891
parent	0bf8132319fe11e5d63d3757b7dcf6a8f5745400 (diff)
download	libraw1394-7b8d2703525b40c743456c4bb2e129ae515c55bb.tar.gz