[Dnsmasq-discuss] 2.44test1 crashes after HUP and route changes
Jean Wolter
jw5-dns at os.inf.tu-dresden.de
Wed Jul 16 23:26:53 BST 2008
Hello,
it looks like there is a bug in 2.44test1. It crashed in
nl_routechange, aparrently while dereferencing
daemon->srv_save->sfd, which is set to zero in reload_servers().
Information from the core file:
Core was generated by `dnsmasq --min-port=4096'.
Program terminated with signal 11, Segmentation fault.
#0 0x0805afa9 in nl_routechange (h=0x10) at netlink.c:245
245 while(sendto(daemon->srv_save->sfd->fd, daemon->packet, daemon->packet_len, 0,
246 &daemon->srv_save->addr.sa, sa_len(&daemon->srv_save->addr)) == -1 && retry_send());
0x0805af87 <nl_routechange+53>: mov 0x8062e78,%eax
0x0805af8c <nl_routechange+58>: pushl 0x118(%eax) # &daemon->srv_save->addr.sa
0x0805af92 <nl_routechange+64>: push $0x0 # 0
0x0805af94 <nl_routechange+66>: pushl 0x11c(%eax) # daemon->packet_len
0x0805af9a <nl_routechange+72>: pushl 0xf0(%eax) # daemon->packet
0x0805afa0 <nl_routechange+78>: mov 0x118(%eax),%eax
0x0805afa6 <nl_routechange+84>: mov 0x4c(%eax),%eax
0x0805afa9 <nl_routechange+87>: pushl (%eax) # daemon->srv_save->sfd->fd, with sfd == 0
0x0805afab <nl_routechange+89>: call 0x8049958 <sendto at plt>
(gdb) i r
eax 0x0 0
eax is zero, dereferencing it leads to a SEGV.
It looks like dnsmasq received a HUP to re-read its config files and
detected a route change shortly after that. It tries to re-send the
last request, and derefences daemon->srv_save->sfd, which was set to 0
while re-reading the config files.
regards,
Jean
More information about the Dnsmasq-discuss
mailing list