From owner-freebsd-bugs Thu Jun 8 20:33:12 1995
Return-Path: bugs-owner
Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id UAA09945 for bugs-outgoing; Thu, 8 Jun 1995 20:33:12 -0700
Received: from Root.COM (implode.Root.COM [198.145.90.1]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id UAA09937 for ; Thu, 8 Jun 1995 20:33:08 -0700
Received: from corbin.Root.COM (corbin.Root.COM [198.145.90.18]) by Root.COM (8.6.8/8.6.5) with ESMTP id UAA07689; Thu, 8 Jun 1995 20:36:29 -0700
Received: from localhost (localhost [127.0.0.1]) by corbin.Root.COM (8.6.11/8.6.5) with SMTP id UAA00143; Thu, 8 Jun 1995 20:33:23 -0700
Message-Id: <199506090333.UAA00143@corbin.Root.COM>
To: Matt Dillon, bugs@FreeBSD.org
Subject: Re: connect() bug found and fixed (uninitialized pointer)
In-reply-to: Your message of "Thu, 08 Jun 95 19:56:32 PDT." <199506090256.TAA00249@corbin.Root.COM>
From: David Greenman
Reply-To: davidg@Root.COM
Date: Thu, 08 Jun 1995 20:33:23 -0700
Sender: bugs-owner@FreeBSD.org
Precedence: bulk

>> In case Dima didn't get this off to you, there's a bug in
>> netinet/tcp_usrreq.c: tcp_connect()... the ifaddr is left
>> uninitialized in the case where in_pcbladdr() fails. The fix
>> is to check the error code from in_pcbladdr() and to return
>> it rather than fall through to the remaining code if it comes
>> back non-zero.
>>
>> I stuck a printf() in there to catch the condition as well just to
>> see how often it occurred... got about a hit every 10 minutes
>> on our (very busy) FTP/WWW server from ftpd.
>
> Interesting...I'll have a look. Want to send me a diff for how you think it
> should be fixed?

Never mind; it took all of about 2 seconds to see the obvious problem. It then
took me a few minutes to determine if the problem would manifest itself. I
think it would under some circumstances (resulting in a panic or weird
behavior). The fix has been committed to CVS; thanks.

-DG
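The bug pattern described in the thread, as an added example that is not code from the FreeBSD tree or from either correspondent: a hypothetical pick_local_addr() with the same contract the report attributes to in_pcbladdr() (stores a local address through an out-pointer on success, returns an errno and writes nothing on failure), called once in the buggy shape that ignores the return value and once in the fixed shape that checks it and returns early. The struct layouts, the one-entry /16 "routing table", the connect_buggy/connect_fixed names and the STACK_GARBAGE poison value standing in for an uninitialized stack slot are all constructed for the demonstration.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical cut-down stand-ins for the kernel structures involved.
 * The real FreeBSD types (struct ifaddr, struct sockaddr_in, struct
 * inpcb) are larger; only what the demonstration needs is modelled. */
struct ifaddr {
    uint32_t ia_addr;            /* interface address, host byte order */
};

/* Constructed one-entry "routing table": only destinations inside
 * 192.168.0.0/16 have a usable local interface address. */
static struct ifaddr g_ifa = { 0xC0A80001u };       /* 192.168.0.1 */
static const uint32_t g_prefix = 0xC0A80000u;       /* 192.168.0.0 */
static const uint32_t g_mask   = 0xFFFF0000u;       /* /16 */

/* Assumed model of the in_pcbladdr() contract as described in the thread:
 * on success it stores the chosen local address through *plocal and
 * returns 0; on failure it returns an errno and never writes *plocal.
 * That second half is what makes an uninitialized caller variable
 * dangerous: nothing ever assigns it. */
static int pick_local_addr(uint32_t dst_addr, struct ifaddr **plocal)
{
    if ((dst_addr & g_mask) != g_prefix)
        return EADDRNOTAVAIL;            /* no usable local address */
    *plocal = &g_ifa;
    return 0;
}

/* Whatever the previous call frame left on the stack. Modelled as a
 * deliberate poison value so the demonstration is deterministic; in a
 * real kernel this is true garbage and reading it is undefined. */
#define STACK_GARBAGE ((struct ifaddr *)(uintptr_t)0xDEADBEEFu)

struct connect_result {
    int error;                   /* 0 or the errno handed back to the caller */
    struct ifaddr *used_ifa;     /* pointer the connect path went on to use */
};

/* Buggy shape from the report: the return value of the address lookup is
 * ignored and control falls through to the code that uses ifa. */
static struct connect_result connect_buggy(uint32_t dst_addr)
{
    struct ifaddr *ifa = STACK_GARBAGE;  /* stands in for "uninitialized" */
    struct connect_result r = { 0, NULL };

    (void)pick_local_addr(dst_addr, &ifa);  /* error dropped on the floor */
    /* ... the remaining connect code now reads ifa->ia_addr ... */
    r.used_ifa = ifa;
    return r;
}

/* Fixed shape: check the error and return it instead of falling through.
 * The NULL initialisation is belt-and-braces; the check is the fix. */
static struct connect_result connect_fixed(uint32_t dst_addr)
{
    struct ifaddr *ifa = NULL;
    struct connect_result r = { 0, NULL };
    int error = pick_local_addr(dst_addr, &ifa);

    if (error != 0) {
        r.error = error;
        return r;                        /* ifa is never consulted */
    }
    r.used_ifa = ifa;
    return r;
}

/* True when the connect path carried on with the poison pointer, i.e.
 * when a real kernel would have dereferenced stack garbage. */
static bool went_on_with_garbage(struct connect_result r)
{
    return r.error == 0 && r.used_ifa == STACK_GARBAGE;
}

int main(void)
{
    const uint32_t unreachable = 0x0A000001u;   /* 10.0.0.1, no local addr */
    const uint32_t reachable   = 0xC0A80005u;   /* 192.168.0.5 */

    printf("buggy, unreachable: error=%d garbage=%d\n",
           connect_buggy(unreachable).error,
           (int)went_on_with_garbage(connect_buggy(unreachable)));
    printf("fixed, unreachable: error=%d (EADDRNOTAVAIL=%d)\n",
           connect_fixed(unreachable).error, EADDRNOTAVAIL);
    printf("fixed, reachable:   error=%d local=0x%08x\n",
           connect_fixed(reachable).error,
           (unsigned)connect_fixed(reachable).used_ifa->ia_addr);
    return 0;
}
```

The buggy path reports success and hands the rest of the connect code a pointer that was never assigned; the fixed path surfaces the lookup's errno to the caller and never touches ifa. Initialising the pointer to NULL on its own would not be a fix, since the fall-through code would then dereference NULL instead of garbage; the early return on a non-zero error is what removes the use.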