Bug 127075 - comms/qpage segmentation fault due to freeing already-freed memory
Summary: comms/qpage segmentation fault due to freeing already-freed memory
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Stefan Walter
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-09-03 22:10 UTC by jfb
Modified: 2008-10-18 19:51 UTC (History)
0 users

See Also:

Attachments
file.diff (226 bytes, patch)
2008-09-03 22:10 UTC, jfb 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description jfb 2008-09-03 22:10:01 UTC 
When qpage in daemon mode receives a SIGHUP, it frees malloc-ed memory before rereading its configuration file. The problem occurs on line 1410 of config.c, where a pointer to a service declaration is freed. The memory at that address is not a separate allocation for each PAGER struct, and furthermore, the entire service list has been freed by the time free_pagers() is called. Calling free() on a pointer that points to unallocated memory appears to cause a segmentation fault.

Fix: attached patch

Patch attached with submission follows:
How-To-Repeat: Build and install ports/qpage. No tunables are present in the Makefile. Install a working qpage.cf in /usr/local/etc (perhaps just using the qpage-example.cf provided). It is not necessary to have a modem available as long as the configuration file can be edited to reference an existing /dev/cua* device that is not otherwise in use ("modem=/dev/XXX" in qpage.cf). Execute '/usr/local/etc/rc.d/qpage.sh start'. At this point, there should be one qpage process running. Send the process a SIGHUP, wait a moment, and send another SIGHUP. qpage will have exited with a segmentation fault (logged to /var/log/messages by a standard FreeBSD configuration).
Comment 1 Stefan Walter freebsd_committer freebsd_triage 2008-10-18 09:29:09 UTC 
Hi Jeff,

I wasn't able to put together a minimal working configuration file.
Starting qpage always results in "Error reading configuration file". Can
you provide a minimal configuration that allows me to test it without a
modem?

Regards,
Stefan
Comment 2 Stefan Walter freebsd_committer freebsd_triage 2008-10-18 19:41:44 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->stefan

Take.
Comment 3 dfilter service freebsd_committer freebsd_triage 2008-10-18 19:45:29 UTC 
stefan      2008-10-18 18:45:19 UTC

  FreeBSD ports repository

  Modified files:
    comms/qpage          Makefile 
  Added files:
    comms/qpage/files    patch-config.c 
  Log:
  - Fix segmentation faults on SIGHUP.
  - Assign maintainership to submitter.
  
  PR:             127075, 127827
  Submitted by:   Jeffrey Blank <jfb@mr-happy.com>
  
  Revision  Changes    Path
  1.26      +2 -2      ports/comms/qpage/Makefile
  1.1       +12 -0     ports/comms/qpage/files/patch-config.c (new)
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 4 Stefan Walter freebsd_committer freebsd_triage 2008-10-18 19:51:15 UTC 
State Changed
From-To: open->closed

Patch committed, thanks!