[isf-wifidog] seg fault

Clifford Thurber clifford at hdn.net
Mon Jul 28 17:45:25 EDT 2008


I am running:
Fedora release 9 (Sulphur) on an Intel Xeon. I am going to try the fix you
suggested right now.


On Mon, Jul 28, 2008 at 5:20 PM, acv <acv at miniguru.ca> wrote:

> I've reproduced the bug on Ubuntu 7.10 x86_64. The fix is trivial,
> util.c must include <arpa/inet.h>. Right now this only happens if
> __NetBSD__ is defined.
>
> I've tested on Red Hat 7.3 (as a suitable substitute for antique
> Linux platform and as an i386 32-bit platform) and there it works
> regardless of whether <arpa/inet.h> is included. Although the man
> page says it's required.
>
> I don't have a 32-bit Ubuntu 7.10 to test whether 32-bit Linux as
> a whole is exempt from including that file. I'll commit the include
> to the SVN later today when I get home (hopefully I'll remember my
> password.) If someone else wants to check it in, go ahead.
>
> Temporary fix:
>
> In src/util.c, cut line 45 (#include <arpa/inet.h>) and paste it
> above line 44 (#if defined(__NetBSD__)).
>
> Cheers,
>
> Alex
>
> On Mon, Jul 28, 2008 at 04:57:28PM -0400, acv wrote:
> > Date: Mon, 28 Jul 2008 16:57:28 -0400
> > From: acv <acv at miniguru.ca>
> > To: WiFiDog Captive Portal <wifidog at listes.ilesansfil.org>
> > Mail-Followup-To: WiFiDog Captive Portal <wifidog at listes.ilesansfil.org>
> > Subject: Re: [isf-wifidog] seg fault
> >
> > On the surface, it looks like the bug is caused by inet_ntoa() not returning
> > a null-terminated string, that's why strlen() segfaults, it goes beyond the
> > end of the string. This could either be caused by inet_ntoa() failing or
> > the ioctl() call failing or even the memcpy() bit just below.
> >
> > Code snippet (lines 176-185 from src/util.c):
> >
> > 176        if (ioctl (sockd, SIOCGIFADDR, &if_data) < 0) {
> > 177                debug(LOG_ERR, "ioctl(): SIOCGIFADDR %s", strerror(errno));
> > 178                return NULL;
> > 179        }
> > 180        memcpy ((void *) &ip, (void *) &if_data.ifr_addr.sa_data + 2, 4);
> > 181        in.s_addr = ip;
> > 182
> > 183        ip_str = (char *)inet_ntoa(in);
> > 184        close(sockd);
> > 185        return safe_strdup(ip_str);
> >
> >       ioctl() errors are checked. Either the memcpy() call or its
> > pointer arithmetics is off? sa_data in a sockaddr_in struct starts
> > with a 16-bit value so the math looks OK. This stumps me right now,
> > what's the distro? Ubuntu 7.10?
> >
> > Alex
> >
> > On Mon, Jul 28, 2008 at 04:15:08PM -0400, Clifford Thurber wrote:
> > > Date: Mon, 28 Jul 2008 16:15:08 -0400
> > > From: "Clifford Thurber" <clifford at hdn.net>
> > > To: "WiFiDog Captive Portal" <wifidog at listes.ilesansfil.org>
> > > Subject: Re: [isf-wifidog] seg fault
> > >
> > > [root at wifidog src]# ifconfig eth1
> > > eth1      Link encap:Ethernet  HWaddr 00:18:8B:2E:B1:A5
> > >           inet addr:216.193.211.3  Bcast:216.193.211.255  Mask:255.255.255.0
> > >           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> > >           RX packets:194391 errors:0 dropped:0 overruns:0 frame:0
> > >           TX packets:84 errors:0 dropped:0 overruns:0 carrier:0
> > >           collisions:0 txqueuelen:1000
> > >           RX bytes:12474968 (11.8 MiB)  TX bytes:16381 (15.9 KiB)
> > >           Interrupt:16 Memory:f8000000-f8012100
> > >
> > > On Mon, Jul 28, 2008 at 4:11 PM, acv <acv at miniguru.ca> wrote:
> > >
> > > > On Mon, Jul 28, 2008 at 03:43:14PM -0400, Clifford Thurber wrote:
> > > > >
> > > > > Program received signal SIGSEGV, Segmentation fault.
> > > > > 0x0000003ea6280eb0 in strlen () from /lib64/libc.so.6
> > > > > Missing separate debuginfos, use: debuginfo-install glibc.x86_64
> > > > > (gdb) bt
> > > > > #0  0x0000003ea6280eb0 in strlen () from /lib64/libc.so.6
> > > > > #1  0x0000003ea6280be6 in strdup () from /lib64/libc.so.6
> > > > > #2  0x000000000040bfdc in safe_strdup ()
> > > > > #3  0x0000000000409c64 in get_iface_ip ()
> > > > > #4  0x000000000040720b in main_loop ()
> > > > > #5  0x00000000004078a2 in main ()
> > > > > (gdb) exit
> > > >
> > > >         This is very strange. What's the output of ifconfig for that
> > > > interface?
> > > >
> > > > Alex
> > > >
> > > > _______________________________________________
> > > > WiFiDog mailing list
> > > > WiFiDog at listes.ilesansfil.org
> > > > http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> > > >
>