Bug 26509
| Summary: | [PATCH] Obscure sysinstall NULL dereference bug | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Base System | Reporter: | dd <dd> | ||||
| Component: | misc | Assignee: | dd <dd> | ||||
| Status: | Closed FIXED | ||||||
| Severity: | Affects Only Me | ||||||
| Priority: | Normal | ||||||
| Version: | Unspecified | ||||||
| Hardware: | Any | ||||||
| OS: | Any | ||||||
| Attachments: |
|
||||||
Responsible Changed From-To: freebsd-bugs->jkh Over to sysinstall maintainer. Responsible Changed From-To: jkh->dd I'll commit the patch we talked about once I can test an install using the new code (few days). State Changed From-To: open->analyzed mfc reminder State Changed From-To: analyzed->closed DEVICE_* macros MFC'd |
On some occasions, sysinstall can be persuaded to follow a NULL pointer. This particular bug is actually not so straight-forward that many people would run into it, but it seems I always do :-/ (I've had this bite me for just about every release since 4.0 or so). The problem is that a lot of code in sysinstall (dist.c, particuarly) expects the mediaDevice global variable to be non-NULL. When some operation fails, you might see code like: mediaDevice->shutdown(mediaDevice); if (!mediaDevice->init(mediaDevice)) ... The problem is that sometimes the operation that fails sets mediaDevice to NULL, causing a nice, annoying NULL dereference. Fix: The patch below corrects the problem by removing the "mediaDevice = NULL" assignment from the mediaClose routine. It's not the most correct or elegant fix in the world, but too much code assumes mediaDevice is non-NULL to simply go through and fix all of it. At least it's the least intrusive fix I could come up with. How-To-Repeat: 1. Run sysinstall in whatever mode you want; doesn't matter if it's on an existing system or not. Somehow get to the part where you choose which distributions you want, choose at least one, then somehow get to the part where it will extract the distributions 2. Choose an FTP install. Select ftp.freebsd.org (you can use any server you want; I'm just using that as an example). 3. Let it start extracting distributions. Allow it to extract at least one file (i.e., let it do something). At this point, cut off its link to the FTP server. If this is an existing system, `ipfw add 1 reset tcp from any to ftp.freebsd.org` works nicely. In practice, it can be any reason (I've had this happen when I chose "FTP" instead of "FTP passive" or when the Internet link died). 4. Wait for it to figure out the server is dead. It should prompt you to select another one. At the "Please select a FreeBSD FTP distribution site" menu, select Cancel (you'd do this if, e.g., you wanted to switch from "FTP" to "FTP passive"). 5. Push "OK" or "yes" on the dialog boxes it presents. 6. Watch it crash (if this is a new install where sysinstall is acting as init, it will display a nice "I got sigsegv and that's bad" message). As you can deduce from the size of the instructions, few people probably run into this. Nevertheless, I think that for sysinstall, anything short of corruption is better than crashing; the latter is very annoying, esp. after you've spent some time deciding on the filesystem layout, distributions, packages, etc.