Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 17 Sep 2001 20:39:15 -0700 (PDT)
From:      Ralf Meyer <meyerr@magellan.umontreal.ca>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   bin/30639: apmd crashes on SIGHUP (under certain conditions)
Message-ID:  <200109180339.f8I3dFs35404@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         30639
>Category:       bin
>Synopsis:       apmd crashes on SIGHUP (under certain conditions)
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Sep 17 20:40:01 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Ralf Meyer
>Release:        4.x-STABLE
>Organization:
Université de Montréal
>Environment:
FreeBSD freyja.asgard 4.4-RC FreeBSD 4.4-RC #0: Mon Aug 20 21:43:14 EDT 2001     root@freyja.asgard:/usr/obj/usr/src/sys/FREYJA  i386
>Description:
After putting one apm_battery entry in apmd.conf, apmd crashes when receiving a 
SIGHUP. As far as I can see the crash is caused by a possible call to free with
an invalid pointer in the function destroy_config. This is due to the (faulty) double
advancement of the pointer to the linked-list of battery entries.

 
>How-To-Repeat:
Stop apmd
Activate one (not two) apm_battery entries in apmd.conf
Start apmd
send SIGHUP to apmd

Since the problem is IMHO related to an invalid call to free(), the exact outcome of 
this might depend on other factors. 
>Fix:
*** apmd.c      Mon Sep 17 22:26:25 2001
--- apmd.c.ori  Mon Aug 20 18:39:50 2001
***************
*** 412,414 ****

!       while( battery_watch_list ) {
                free_event_cmd_list(battery_watch_list->cmdlist);
--- 412,414 ----

!       for( ; battery_watch_list; battery_watch_list = battery_watch_list -> next) {
                free_event_cmd_list(battery_watch_list->cmdlist);

>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200109180339.f8I3dFs35404>