3.0.x HEAD crashing

Arran Cudbard-Bell a.cudbardb at freeradius.org
Wed Jun 18 00:57:55 CEST 2014

On 17 Jun 2014, at 21:16, Phil Mayers <p.mayers at IMPERIAL.AC.UK> wrote:

> On 17/06/2014 20:02, Arran Cudbard-Bell wrote:
>> On 17 Jun 2014, at 19:32, Phil Mayers <p.mayers at IMPERIAL.AC.UK>
>> wrote:
>>> On 17/06/2014 18:05, Arran Cudbard-Bell wrote:
>>>> What modules are you using?
>>> Man, what are we not...
>>> The main things are:
>> ...
>> I figured the cache module would be involved in there somewhere. It's
>> really the only thing that does anything major with control
>> attributes...
>> That's interesting... well I noticed a check was missing for the
>> parenting of VALUE_PAIR data buffers. If one wasn't being copied
>> somewhere in the cache module, and being freed due to incorrect
>> parenting, it'd result in heap corruption.
>> I've added the check, could you run up v3.0.x HEAD and see if it
>> fails?
> Yeah, looks like that's it, it bombs out almost immediately with:
> CONSISTENCY CHECK FAILED src/lib/valuepair.c[2350]: VALUE_PAIR ICzone uint8_t data buffer is not parented by VALUE_PAIR 0xa08820, instead parented by 0x892f10 (value_pair_tmpl_t)
> SOFT ASSERT FAILED src/lib/debug.c[871]: 0

OK. Fixed the obvious places which might have triggered that. The code in tmpl2str for printing literals was not threadsafe and that's been fixed too.


Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20140617/a7b1aa6e/attachment.pgp>

More information about the Freeradius-Devel mailing list