prefix_pton segfaults due to returning error message on the stack

[GoogleCodeExporter]

What steps will reproduce the problem?

Use prefix_pton() in a program where getaddrinfo() fails.

What is the expected output? What do you see instead?

*errmsg contains a valid error message; instead, it contains garbage

What version of the product are you using? On what operating system?

0.5, Linux x86_64

Please provide any additional information below.

See https://code.google.com/p/py-radix/source/browse/radix.c#597: save is on 
the stack, and so out of scope when prefix_pton() returns, but *errmsg = save 
returns that (now invalid) pointer to the caller.

The fix would be to format the message in a thread-local buffer rather than on 
the stack.

Original issue reported on code.google.com by tud...@gmail.com on 15 Nov 2013 at 1:40

[GoogleCodeExporter]

prefix_pton() may segfault (in rare cases) or return garbage (most of the time) 
because of reading from an out-of-scope string.

Original comment by tud...@gmail.com on 15 Nov 2013 at 1:42

[GoogleCodeExporter]

Another (simpler) fix would be to no longer prefix the error string by 
"getaddrinfo: " and just do *errmsg = gai_strerror(r).

Original comment by tud...@gmail.com on 15 Nov 2013 at 1:53

[GoogleCodeExporter]

I took the latter of your suggestions (removing the prefix). Fix committed - 
thanks!

Original comment by d...@djm.net.au on 17 Nov 2013 at 11:19

• Changed state: Fixed