Changeset 903f64d


Timestamp:
09/01/16 16:15:23 (4 years ago)
Author:
Shane Alcock <salcock@…>
Branches:
4.0.1-hotfixes, cachetimestamps, develop, dpdk-ndag, etsilive, master, ndag_format, rc-4.0.1, rc-4.0.2, rc-4.0.3, rc-4.0.4, ringdecrementfix, ringperformance, ringtimestampfixes
Children:
1d780e4
Parents:
62dec50
Message:

Fix segfault when destroying a packet from an EOF'd trace.

The problem is caused by not setting packet->trace to be NULL when
read_packet is going to return EOF. As a result, the trace_destroy()
code thinks that there are no packets pointing to the trace about
to be destroyed. Since there are no packets that need to be unlinked
from the trace (i.e. have their ->trace pointers set to NULL), the
unlinking step is skipped.

In actuality, we still have the packet that we tried
to read into when we got an EOF still pointing at the trace -- as soon
as we try to destroy that packet, it tries to access the trace structure
that we just freed with trace_destroy(), causing the segfault.

File:
1 edited

  • lib/trace.c

    ree6e802 r903f64d  
    694694
    695695        /* Finish any the last packet we read - for backwards compatibility */
    696         if (libtrace->last_packet)
     696        if (libtrace->last_packet) {
    697697                trace_fin_packet(libtrace->last_packet);
     698        }
    698699        assert(libtrace->last_packet == NULL);
    699700
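Review bot: the braces added around `if (libtrace->last_packet)` are a style-only change bundled into a crash fix, as are the braces around `if (packet->trace == libtrace)` and the blank line before `free(libtrace);` further down. Consider moving them to a separate commit so the functional fix can be reviewed and backported on its own. If this spot is being touched anyway, the context comment "Finish any the last packet we read" has a stray word that could be corrected at the same time.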
     
    748749                 free(libtrace->event.packet);
    749750        }
     751
    750752        free(libtrace);
    751753}
     
    913915                 * may have allocated it and zeroing all data associated with it.
    914916                 */
    915                 if (packet->trace == libtrace)
     917                if (packet->trace == libtrace) {
    916918                        trace_fin_packet(packet);
     919                }
    917920                do {
    918921                        size_t ret;
     
    923926                        ret=libtrace->format->read_packet(libtrace,packet);
    924927                        if (ret==(size_t)-1 || ret==0) {
     928                                packet->trace = NULL;
    925929                                return ret;
    926930                        }
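Review bot: the new `packet->trace = NULL;` on the early-return path has no comment, so the reason for it lives only in the commit message. Please add a short comment saying the packet must not keep pointing at a trace that trace_destroy() may free before the packet itself is destroyed. The branch is taken for both `ret==(size_t)-1` and `ret==0`, so the pointer is cleared on read errors as well as on EOF; the comment should say whether that is intended, since the commit message only discusses EOF. A regression test that reads a trace to EOF, calls trace_destroy() and then destroys the packet would keep this from reappearing.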