[BusyBox] httpd segfault
Vladimir N. Oleynik
dzo at simtreas.ru
Mon Dec 15 08:29:59 UTC 2003
Pete,
> I'm running into a segfault with httpd. I tracked this down to the
> config->referer handling.
>
> Specifically, if a request comes in that has a referrer in it, then
> config->referer is strdup'd to create a new string representing that
> value, in handleIncoming. Later when handleIncoming is done, this
> buffer is freed, but the config->referer pointer is NOT zero'd.
>
> If another request comes in after that, without a referer line, then
> the old config->referer pointer is free'd again, probably causing a
> segfault (at least it does on my system).
>
> The solution is to simply zero the config->referer pointer at the
> bottom of the handleIncoming function.
>
> Pete Flugstad
>
> PS: caught this with ElectricFence - all hail Electric Fence!!!
Its ElectricFence problem.
Its not double free. Its free(NULL) as modern-like for size and
speed optimizarion possibled trick.
--w
vodz
More information about the busybox
mailing list