Re: Segment Fault in find_route
Roy Marples
Sun Apr 12 09:02:35 2015
Hi Paul
On Sat, 2015-04-11 at 00:20 +0000, Walrath, Paul (Vancouver) wrote:
> I've been seeing an occasional segment fault in the find_route()
> function. In the following code, a zero value pointer is being
> dereferenced.
>
> #ifdef HAVE_ROUTE_METRIC
> (srt || (!rt->iface ||
> rt->iface->metric == r->iface->metric)) &&
> #endif
>
> The r->iface value is 0, so r->iface->metric is causing the segment
> fault. This would be avoided by the following:
>
> #ifdef HAVE_ROUTE_METRIC
> (srt || (!rt->iface || !r->iface ||
> rt->iface->metric == r->iface->metric)) &&
> #endif
>
> This is similar to what is implemented in find_route6()
>
> #ifdef HAVE_ROUTE_METRIC
> (r->iface == NULL || rt->iface == NULL ||
> rt->iface->metric == r->iface->metric) &&
> #endif
>
> Does this look right to you? I don't have any idea if this breaks the
> logic in the function.
Thanks for finding this!
I've seen it myself but only very very occasionally and for some reason
my Linux machine (never seemed to happen on my NetBSD ones) didn't
create a useable core file at boot time.
The patch itself is fine and is fixed here:
http://roy.marples.name/projects/dhcpcd/ci/7208ad8ab2ad819f?sbs=0
Thanks
Roy
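
The guarded comparison discussed in this thread, as an added example that is not part of the original messages or of dhcpcd's source. It is a simplified model: the struct layouts, the linked list, and the names `metric_ok`, `find_route_model` and `lookup` are assumptions, and the sample routes are constructed.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical, simplified stand-ins for the route and interface types. */
struct interface { unsigned int metric; };
struct rt {
    uint32_t dest;                  /* destination address */
    uint32_t net;                   /* netmask */
    const struct interface *iface;  /* may be NULL, as in the reported crash */
    struct rt *next;
};

/* The patched condition from the thread: either route may lack an iface,
 * so both pointers are checked before ->metric is read. */
static int metric_ok(const struct rt *rt, const struct rt *r,
                     const struct rt *srt)
{
    return srt != NULL || rt->iface == NULL || r->iface == NULL ||
        rt->iface->metric == r->iface->metric;
}

/* Walk a singly linked list (assumed layout) and return the first match. */
static struct rt *find_route_model(struct rt *head, const struct rt *r,
                                   const struct rt *srt)
{
    for (struct rt *rt = head; rt != NULL; rt = rt->next) {
        if (rt->dest == r->dest && metric_ok(rt, r, srt) &&
            rt->net == r->net)
            return rt;
    }
    return NULL;
}

/* Constructed sample data: one stored route on an interface, metric 100. */
static struct interface eth0 = { 100 };
static struct interface wlan0 = { 200 };
static struct rt stored = { 0x0a000000u, 0xff000000u, &eth0, NULL };

/* Returns 1 if a key with the given interface (possibly NULL) matches. */
static int lookup(const struct interface *key_iface)
{
    struct rt key = { 0x0a000000u, 0xff000000u, key_iface, NULL };
    return find_route_model(&stored, &key, NULL) != NULL;
}

int main(void)
{
    /* NULL key iface must match without faulting; wlan0 must not match. */
    return (lookup(NULL) && lookup(&eth0) && !lookup(&wlan0)) ? 0 : 1;
}
```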