Date:      Mon, 17 Sep 2001 16:01:03 -0500
From:      Alfred Perlstein <bright@mu.org>
To:        Matt Dillon <dillon@earth.backplane.com>
Cc:        hackers@FreeBSD.org
Subject:   Re: bug in sshd - signal during free()
Message-ID:  <20010917160103.Z968@elvis.mu.org>
In-Reply-To: <200109172032.f8HKW6M41638@earth.backplane.com>; from dillon@earth.backplane.com on Mon, Sep 17, 2001 at 01:32:06PM -0700
References:  <200109172032.f8HKW6M41638@earth.backplane.com>

* Matt Dillon <dillon@earth.backplane.com> [010917 15:32] wrote:
>     sshd died on one of our machines today.  The traceback seems to 
>     indicate that a signal is interrupting a free().  I'm going to 
>     play with the code a bit to see if there's an easy fix.
> 
>     This bug can't occur very often... the key regeneration signal
>     has to occur *just* as sshd is trying to free() something.

The bug seems more likely to be caused by use of unsafe functions
in a signal handler.

I'm really surprised that the OpenSSH team didn't slap whoever decided
to do so much processing within a signal handler silly.

> 
> 						-Matt
> 
> (gdb) back
> #0  0x28231e34 in kill () from /usr/lib/libc.so.4
> #1  0x2826dd8a in abort () from /usr/lib/libc.so.4
> #2  0x2826c899 in isatty () from /usr/lib/libc.so.4
> #3  0x2826c8cf in isatty () from /usr/lib/libc.so.4
> #4  0x2826d907 in malloc () from /usr/lib/libc.so.4
> #5  0x2826be58 in __smakebuf () from /usr/lib/libc.so.4
> #6  0x2826bdec in __swsetup () from /usr/lib/libc.so.4
> #7  0x282663ef in vfprintf () from /usr/lib/libc.so.4
> #8  0x28266059 in fprintf () from /usr/lib/libc.so.4
> #9  0x2824e0ed in vsyslog () from /usr/lib/libc.so.4
> #10 0x2824e009 in syslog () from /usr/lib/libc.so.4
> #11 0x804feb3 in do_log ()
> #12 0x806ade3 in log ()
> #13 0x804c742 in key_regeneration_alarm ()
> #14 0xbfbfffac in ?? ()
> #15 0x2826da35 in free () from /usr/lib/libc.so.4
> #16 0x805f087 in xfree ()
> #17 0x804d8be in main ()
> #18 0x804c50d in _start ()
> (gdb) 

-- 
-Alfred Perlstein [alfred@freebsd.org]
'Instead of asking why a piece of software is using "1970s technology,"
start asking why software is ignoring 30 years of accumulated wisdom.'
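
The backtrace above shows a handler calling `syslog()`, which reaches `malloc()` while the interrupted code is still inside `free()`. The usual way to avoid that, as an added example that is not part of the original message or OpenSSH's code: the handler only sets a flag, and logging and allocation run later in normal context. All names (`on_alarm`, `regen_pending`, `regenerate_key`, `run_deferred_demo`) are hypothetical, and `raise()` stands in for the alarm timer.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical names throughout; this is not sshd's code. */
static volatile sig_atomic_t regen_pending = 0;
static int regen_count = 0;

/* Handler: async-signal-safe work only. No syslog(), stdio or malloc(),
 * because the signal may arrive while the allocator's state is mid-update. */
static void on_alarm(int sig)
{
    (void)sig;
    regen_pending = 1;
}

/* Runs in normal context, so malloc/free/stdio are safe to use here. */
static void regenerate_key(void)
{
    char *msg = malloc(64);
    if (msg == NULL)
        return;
    snprintf(msg, 64, "regenerating key (run %d)", ++regen_count);
    fprintf(stderr, "%s\n", msg);
    free(msg);
}

/* Installs the handler, does allocator work while signals arrive, and
 * services the flag between allocator calls. Returns regenerations done. */
int run_deferred_demo(int signals_to_send)
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_alarm;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGALRM, &sa, NULL) != 0)
        return -1;
    regen_count = 0;
    regen_pending = 0;
    for (int i = 0; i < signals_to_send; i++) {
        void *p = malloc(128);
        raise(SIGALRM);  /* constructed stand-in for the timer firing; a real
                            timer could just as well fire inside free() */
        free(p);
        if (regen_pending) { regen_pending = 0; regenerate_key(); }
    }
    return regen_count;
}

int main(void) { return run_deferred_demo(3) == 3 ? 0 : 1; }
```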
