Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 9 Mar 1997 15:33:48 -0800 (PST)
From:      chern@tiger.towson.edu
To:        freebsd-gnats-submit@freebsd.org
Subject:   bin/2925: non-priviledged user can crash FreeBSD!!
Message-ID:  <199703092333.PAA20325@freefall.freebsd.org>
Resent-Message-ID: <199703092340.PAA20676@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         2925
>Category:       bin
>Synopsis:       non-priviledged user can crash FreeBSD!!
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-bugs
>State:          open
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Mar  9 15:40:03 PST 1997
>Last-Modified:
>Originator:     Eric Fang
>Organization:
just a student
>Release:        FreeBSD-2.1.5
>Environment:
FreeBSD vorlon.patriot.net 2.1.5-RELEASE FreeBSD 2.1.5-RELEASE #0: 
Wed Jul 17 03:09:31  1996 
jkh@whisker.cdrom.com:/usr/src/sys/compile/GENERIC  i386

(The CPU is a Cyrix 6x86 PR150+, 64M EDO RAM, 128M Swap partition)
>Description:
I simulated a situation as a novice c++ programmer/student writing
code using pointers.  I was curious and changed the code to be infinite
loop and it would keep creating pointers/data structure.  When I ran this
program as a normal user, and then switched virtual console (Alt-F?) to
root login with 'top' running.  The first time it exited okay saying not 
enough swap space.  Then I ran the same program more than 3 instances in a row with '&' 
background running.  The system simply crashed and stopped.  I waited for 
more than 15mins to see if it would recover, but it didn't.  I will be 
upgrading to 2.1.7 to see if it will occur also.  
>How-To-Repeat:
compile this c++ code and run this program many instances
at the same time (lost the original, this is the
closest possible):

public:
	int Number;
	IntList	*Next;
};
                        

void main() {
	int Number=10000;
	
	IntList *ListPtr;
	
	IntList *LastPtr = 0;
	IntList *First = 0;
	
	while (1) {
		ListPtr = new IntList;
		ListPtr->Number = Number;
		ListPtr->Next = 0;
		if (LastPtr)
			LastPtr->Next = ListPtr;
		else
			First = ListPtr;
		
		LastPtr = ListPtr;
	}
	if (First) {  
			ListPtr = First;
		
		do {
			cout << ListPtr->Number << " ";
			ListPtr = ListPtr->Next;
		}
		while (ListPtr);
		
		cout << "\n";
	}
	cout << "Bye bye!\n";
}
>Fix:

>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199703092333.PAA20325>