busybox 1.9.1 syslogd segfaults on startup
Denys Vlasenko
vda.linux at googlemail.com
Mon Feb 25 21:58:45 UTC 2008
On Monday 25 February 2008 22:17, Clem Taylor wrote:
> On Sat, Feb 23, 2008 at 2:58 AM, Tito <farmatito at tiscali.it> wrote:
> > /* Store away localhost's name before the fork */
> > if (gethostname(G.localHostName, 64 -1) != 0)
> > bb_error_msg_and_die("gethostname");
> > /* "It is unspecified whether the truncated hostname
> > * will be null-terminated". Idiots! */
> > G.localHostName[64 -1] = '\0';
> > *strchrnul(G.localHostName, '.') = '\0';
>
> In this case it is crashing inside of gethostname(). The hostname is
> only 10 bytes (9+1), so I don't think the above is the problem. I
> wrote up a quick test program for gethostname() and uname(), and it
> was happy. gdb shows that (*ptr_to_globals) is okay. I can't see any
> obvious reason why this is crashing. I moved localHostName out of
> globals and everything is happy.
>
> Any ideas?
Can you test whether other libc functions will crash similarly?
Say,
memset(G.localHostName, 0x77, 63); // crashes or not?
memset(G.localHostName, 0x77, 64); // crashes or not?
If they don't crash, then gethostname does not just store
data in G.localHostName. If they crash, then... ptr_to_globals
points to an allocated area which is too small?
PTR_TO_GLOBALS = memcpy(xzalloc(sizeof(G)), &init_data, sizeof(init_data));
Is sizeof(G) ok? (Do printf("%d\n", (int)sizeof(G)) somewhere)
--
vda
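An added example, not code from the thread or from busybox: a hypothetical globals layout with the "is sizeof(G) ok?" check the reply asks for, plus a gethostname() wrapper that guarantees the NUL-termination and domain stripping the quoted syslogd snippet is after. The struct members and init_data values are constructed for illustration.

```c
#include <stddef.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical stand-in for syslogd's globals block; not busybox's own layout. */
struct globals {
    int log_fd;
    char localHostName[64];
};
static const struct globals init_data = { -1, "" }; /* constructed, like busybox's init_data */

/* The "is sizeof(G) ok?" check from the reply: does a block of alloc_size
 * bytes (what xzalloc(sizeof(G)) hands back) cover the whole hostname array? */
int alloc_covers_hostname(size_t alloc_size)
{
    return alloc_size >= offsetof(struct globals, localHostName)
                         + sizeof(init_data.localHostName);
}

/* gethostname() wrapper that always NUL-terminates and drops the domain
 * part, which is what the quoted syslogd snippet is trying to guarantee. */
int get_short_hostname(char *buf, size_t buflen)
{
    char *dot;
    int rc;
    if (buflen == 0)
        return -1;
    rc = gethostname(buf, buflen - 1);      /* writes at most buflen-1 bytes */
    buf[buflen - 1] = '\0';                 /* POSIX does not promise a NUL on truncation */
    if (rc != 0)
        return -1;
    dot = strchr(buf, '.');                 /* same effect as *strchrnul(buf, '.') = '\0' */
    if (dot)
        *dot = '\0';
    return 0;
}

/* Fill the hostname inside a copy of the globals block, as syslogd does;
 * returns 1 if the result is a terminated, dot-free name, else 0. */
int hostname_probe_ok(void)
{
    struct globals G = init_data;
    if (get_short_hostname(G.localHostName, sizeof(G.localHostName)) != 0)
        return 0;
    return strlen(G.localHostName) < sizeof(G.localHostName)
        && strchr(G.localHostName, '.') == NULL;
}
```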