[Wifidog] Wifidog segfault
David Vincelli
micologist at gmail.com
Thu Oct 28 13:33:57 EDT 2004
I assume the crash occurs here (only read() call):
numbytes = totalbytes = 0;
while ((numbytes = read(sockfd, request + totalbytes,
MAX_BUF - (totalbytes + 1))) > 0)
totalbytes =+ numbytes;
if (numbytes == -1) {
debug(LOG_ERR, "read(): %s", strerror(errno));
mark_auth_server_bad(auth_server);
close(sockfd);
return;
}
What happens when (totalbytes + 1) > MAX_BUF (and/or if request +
totalbytes points to an invalid memory address?) Do you _have_ to do
pointer arithmetic?
Does the debug call show up in the logs? If so, what does it log?
On Thu, 28 Oct 2004 12:48:24 -0400, Philippe April
<isf_lists at philippeapril.com> wrote:
> > I fixed the long key crash, Mina hit it right on the head with
> > that "char var[50]". I malloc() it to the size of the whole query and it
> > doesn't crash anymore. This is in CVS now.
>
> Nice... Good work. I'll test that and apply to some hotspots, will let you guys
> know so we can monitor.
>
> Not sure where to start on the read() bug though...
>
> Philippe
>
>
> _______________________________________________
> Wifidog mailing list
> Wifidog at isf.waglo.com
> http://isf.waglo.com/mailman/listinfo/wifidog_isf.waglo.com
>
>
>
--
the micologist
More information about the Wifidog
mailing list