From owner-freebsd-bugs Wed Aug 28 12:10:12 2002 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BF60B37B400 for ; Wed, 28 Aug 2002 12:10:02 -0700 (PDT) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1A95A43E42 for ; Wed, 28 Aug 2002 12:10:02 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.4/8.12.4) with ESMTP id g7SJA1JU036098 for ; Wed, 28 Aug 2002 12:10:01 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.4/8.12.4/Submit) id g7SJA1GK036097; Wed, 28 Aug 2002 12:10:01 -0700 (PDT) Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AE52437B400 for ; Wed, 28 Aug 2002 12:07:44 -0700 (PDT) Received: from www.freebsd.org (www.FreeBSD.org [216.136.204.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6867B43E81 for ; Wed, 28 Aug 2002 12:05:52 -0700 (PDT) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.12.4/8.12.4) with ESMTP id g7SJ5eOT080663 for ; Wed, 28 Aug 2002 12:05:40 -0700 (PDT) (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.12.4/8.12.4/Submit) id g7SJ5eua080662; Wed, 28 Aug 2002 12:05:40 -0700 (PDT) Message-Id: <200208281905.g7SJ5eua080662@www.freebsd.org> Date: Wed, 28 Aug 2002 12:05:40 -0700 (PDT) From: Randy Zach To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-1.0 Subject: misc/42135: Truss dumps core printing socket address Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 42135 >Category: misc >Synopsis: Truss dumps core printing socket address >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed Aug 28 12:10:01 PDT 2002 >Closed-Date: >Last-Modified: >Originator: Randy Zach >Release: 4.6.2 >Organization: Randy Zach Consulting >Environment: FreeBSD freeb.zach.com 4.6.2-RELEASE FreeBSD 4.6.2-RELEASE #0: Wed Aug 21 00:38:50 PDT 2002 zach@freeb.zach.com:/usr/obj/usr/src/sys/RZ i386 >Description: The pretty print code for Sockaddrs copies the target's socket structure using the target's socket len, regardless of whether or not it will fit in the sockaddr_storage struct. >How-To-Repeat: The following debug target will exercise the problem: #include #include #include #include main() { struct sockaddr_in addr; addr.sin_len = 250; addr.sin_family = AF_INET; addr.sin_port = htons(1234); addr.sin_addr.s_addr = 0x12345678; connect(123, (struct sockaddr *)&addr, 16); } truss ./a.out will terminate with truss dumping core. >Fix: In /usr/src/usr.bin/truss/syscalls.c *** syscalls.c Wed Aug 28 11:27:00 2002 --- syscalls.c.orig Wed Aug 28 11:39:12 2002 *************** *** 308,315 **** == -1) err(2, "get_struct %p", (void *)args[sc->offset]); } else { ! if (get_struct(fd, (void *)args[sc->offset], (void *)&ss, ! ss.ss_len < sizeof(ss) ? ss.ss_len : sizeof(ss)) == -1) err(2, "get_struct %p", (void *)args[sc->offset]); } --- 308,314 ---- == -1) err(2, "get_struct %p", (void *)args[sc->offset]); } else { ! if (get_struct(fd, (void *)args[sc->offset], (void *)&ss, ss.ss_len) == -1) err(2, "get_struct %p", (void *)args[sc->offset]); } >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message