[Dnsmasq-discuss] 2.44test1 crashes after HUP and route changes

Simon Kelley simon at thekelleys.org.uk
Thu Jul 17 18:22:27 BST 2008


Jean Wolter wrote:
> Hello,
> 
> it looks like there is a bug in 2.44test1. It crashed in 
> nl_routechange, apparently while dereferencing daemon->srv_save->sfd,
> which is set to zero in reload_servers().
> 
> Information from the core file:
> 
> Core was generated by `dnsmasq --min-port=4096'.
> Program terminated with signal 11, Segmentation fault.
> #0  0x0805afa9 in nl_routechange (h=0x10) at netlink.c:245
> 245       while(sendto(daemon->srv_save->sfd->fd, daemon->packet, daemon->packet_len, 0,
> 246                    &daemon->srv_save->addr.sa, sa_len(&daemon->srv_save->addr)) == -1 && retry_send());
> 
> 0x0805af87 <nl_routechange+53>: mov    0x8062e78,%eax
> 0x0805af8c <nl_routechange+58>: pushl  0x118(%eax)      # &daemon->srv_save->addr.sa
> 0x0805af92 <nl_routechange+64>: push   $0x0             # 0
> 0x0805af94 <nl_routechange+66>: pushl  0x11c(%eax)      # daemon->packet_len
> 0x0805af9a <nl_routechange+72>: pushl  0xf0(%eax)       # daemon->packet
> 0x0805afa0 <nl_routechange+78>: mov    0x118(%eax),%eax
> 0x0805afa6 <nl_routechange+84>: mov    0x4c(%eax),%eax
> 0x0805afa9 <nl_routechange+87>: pushl  (%eax)           # daemon->srv_save->sfd->fd, with sfd == 0
> 0x0805afab <nl_routechange+89>: call   0x8049958 <sendto@plt>
> 
> (gdb) i r eax            0x0      0
> 
> eax is zero, dereferencing it leads to a SEGV.
> 
> It looks like dnsmasq received a HUP to re-read its config files and 
> detected a route change shortly after that. It tries to re-send the 
> last request, and dereferences daemon->srv_save->sfd, which was set to
> 0 while re-reading the config files.
> 
Many thanks, yes, that's an unintended side-effect of the random-port
changes in 2.43. I'll post a fixed version ASAP.

Cheers,

Simon.
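
A reduced model of the crash reported in this thread, added here as an illustration; it is not dnsmasq source and not the fix that was subsequently posted. The struct layouts, the function names and the fd value 7 are assumptions; only the pointer chain `srv_save->sfd->fd` and the HUP-then-route-change ordering come from the report.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-ins for the structures named in the report. */
struct serverfd { int fd; };
struct server   { struct serverfd *sfd; };
struct state    { struct server *srv_save; }; /* server used for the last query */

/* Models the reload on HUP as reported: the server's socket pointer is
   cleared while srv_save still refers to that server. */
static void reload_servers_model(struct server *srv)
{
    srv->sfd = NULL;
}

/* Root-cause variant: the reload also drops any saved reference to the
   server whose socket it just tore down. */
static void reload_and_invalidate(struct state *st, struct server *srv)
{
    srv->sfd = NULL;
    if (st->srv_save == srv)
        st->srv_save = NULL;
}

/* Route-change handler with the checks the crashing line lacked. Returns
   the fd a resend would use, or -1 when no safe resend is possible. */
static int resend_fd_on_routechange(struct state *st)
{
    if (st->srv_save == NULL)
        return -1;                /* no query outstanding */
    if (st->srv_save->sfd == NULL) {
        st->srv_save = NULL;      /* stale after reload: drop it */
        return -1;
    }
    return st->srv_save->sfd->fd; /* both pointers verified */
}

int main(void)
{
    struct serverfd sfd = { 7 };  /* constructed sample fd */
    struct server srv = { &sfd };
    struct state st = { &srv };

    printf("before HUP: fd %d\n", resend_fd_on_routechange(&st));
    reload_servers_model(&srv);   /* HUP arrives */
    printf("after HUP:  fd %d\n", resend_fd_on_routechange(&st));
    return 0;
}
```

Invalidating the saved reference at teardown and checking it at the point of use are complementary; either one alone prevents the NULL dereference in this model.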


