Date:      Wed, 7 Jun 2000 11:20:01 -0700 (PDT)
From:      Ruslan Ermilov <ru@sunbay.com>
To:        freebsd-bugs@FreeBSD.org
Subject:   Re: bin/19096: core dump using ftp and telnet
Message-ID:  <200006071820.LAA12599@freefall.freebsd.org>

The following reply was made to PR bin/19096; it has been noted by GNATS.

From: Ruslan Ermilov <ru@sunbay.com>
To: liveevil@tasam.com
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: bin/19096: core dump using ftp and telnet
Date: Wed, 7 Jun 2000 21:12:59 +0300

 On Wed, Jun 07, 2000 at 09:50:03AM -0700, liveevil@tasam.com wrote:
 > 
 > Number:         19096
 > Synopsis:       core dump using ftp and telnet
 > Severity:       non-critical
 > Priority:       low
 > Release:        4.0-STABLE FreeBSD 4.0-STABLE
 > 
 It turns out to be a problem with libc.
 Maybe _hpcopy() should check the value of *errp???
 
 Script started on Wed Jun  7 21:06:04 2000
 GNU gdb 4.18
 Copyright 1998 Free Software Foundation, Inc.
 GDB is free software, covered by the GNU General Public License, and you are
 welcome to change it and/or distribute copies of it under certain conditions.
 Type "show copying" to see the conditions.
 There is absolutely no warranty for GDB.  Type "show warranty" for details.
 This GDB was configured as "i386-unknown-freebsd"...
 Core was generated by `ftp'.
 Program terminated with signal 11, Segmentation fault.
 #0  0x807321e in _hpcopy (hp=0xbfbff4a0, errp=0xbfbff590)
     at /usr/src/lib/libc/../libc/net/name6.c:559
 559				if (**pp != '\0') {
 (gdb) l
 554		size = sizeof(struct hostent);
 555		if (hp->h_name != NULL && *hp->h_name != '\0')
 556			size += strlen(hp->h_name) + 1;
 557		if ((pp = hp->h_aliases) != NULL) {
 558			for (i = 0; *pp != NULL; i++, pp++) {
 559				if (**pp != '\0') {
 560					size += strlen(*pp) + 1;
 561					nalias++;
 562				}
 563			}
 (gdb) print pp
 $1 = (char **) 0xbfbff0a4
 (gdb) print *pp
 $2 = 0x1000100 <Address 0x1000100 out of bounds>
 (gdb) up
 #1  0x8074714 in _res_search_multi (name=0x80bb0a0 "*.exitmoney.com", 
     rtl=0xbfbff4dc, errp=0xbfbff590)
     at /usr/src/lib/libc/../libc/net/name6.c:1352
 1352					hp = _hpcopy(&hpbuf, errp);
 (gdb) l
 1347					hpbuf.h_addrtype = (rtl->rtl_type == T_AAAA)
 1348					    ? AF_INET6 : AF_INET;
 1349					hpbuf.h_length = ADDRLEN(hpbuf.h_addrtype);
 1350					hp = getanswer(&buf, ret, name, rtl->rtl_type,
 1351							    &hpbuf, errp);
 1352					hp = _hpcopy(&hpbuf, errp);
 1353					hp0 = _hpmerge(hp0, hp, errp);
 1354				}
 1355			}
 1356			if (hp0 != NULL)
 (gdb) print *errp
 $3 = 3
 (gdb) quit
 
 Script done on Wed Jun  7 21:07:30 2000
 
 -- 
 Ruslan Ermilov		Oracle Developer/DBA,
 ru@sunbay.com		Sunbay Software AG,
 ru@FreeBSD.org		FreeBSD committer,
 +380.652.512.251	Simferopol, Ukraine
 
 http://www.FreeBSD.org	The Power To Serve
 http://www.oracle.com	Enabling The Information Age
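
The call pattern from frame #1, where the record is walked even though `*errp` is 3, reduced to a guarded form. This is an added example, not code from the PR or from FreeBSD libc. `host_rec`, `parse_answer`, `hp_size` and `lookup_size` are hypothetical names, and it assumes the parser leaves the caller's buffer untouched when it fails.

```c
#include <stddef.h>
#include <string.h>
struct host_rec {                     /* minimal stand-in for struct hostent */
    char  *h_name;
    char **h_aliases;                 /* NULL-terminated vector */
};
static char *no_aliases[] = { NULL }; /* constructed: reply without aliases */

/* Hypothetical stand-in for getanswer(): on failure it sets *errp, returns
 * NULL and leaves *out untouched, so out->h_aliases keeps its old contents. */
static struct host_rec *parse_answer(const char *reply, struct host_rec *out,
                                     int *errp)
{
    *errp = (reply != NULL && *reply != '\0') ? 0 : 3; /* 3 as in the trace */
    if (*errp != 0)
        return NULL;
    out->h_name = (char *)reply;
    out->h_aliases = no_aliases;
    return out;
}

/* Size walk modelled on name6.c lines 554-563 from the gdb listing. */
static size_t hp_size(const struct host_rec *hp)
{
    size_t size = sizeof(*hp);
    char **pp;
    if (hp->h_name != NULL && *hp->h_name != '\0')
        size += strlen(hp->h_name) + 1;
    if ((pp = hp->h_aliases) != NULL)
        for (; *pp != NULL; pp++)
            if (**pp != '\0')
                size += strlen(*pp) + 1;
    return size;
}

/* Guarded caller: walk the record only when the parser produced one. */
static size_t lookup_size(const char *reply, int *errp)
{
    struct host_rec hpbuf;
    memset(&hpbuf, 0x01, sizeof(hpbuf)); /* constructed stale-stack poison */
    if (parse_answer(reply, &hpbuf, errp) == NULL)
        return 0;                     /* *errp says why; nothing to walk */
    return hp_size(&hpbuf);
}

int main(void)
{
    int err = 0;
    return (lookup_size("", &err) == 0 && err == 3) ? 0 : 1;
}
```

Removing the NULL check in `lookup_size` makes `hp_size` dereference the poisoned `h_aliases` pointer, which is the same class of fault as the one at line 559 in the trace.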
 

