I got bitten by this bug as well when I tried to run 
ntp-server 4.2.0a+stable-2 on a sarge box running 2.4.18-bf2.4
with 

server ts1.univie.ac.at
server ts2.univie.ac.at

in ntp.conf.

I recompiled the source package to get debugging symbols and
spent the next 3 hours cursing at gdb.

Finding the place of the null-pointer dereference was easy:

Program received signal SIGSEGV, Segmentation fault.
0x08051ab0 in sendpkt (dest=0x80b6480, inter=0x0, ttl=0, pkt=0xbffff450, len=48) at ../../ntpd/ntp_io.c:1413
1413            switch (inter->sin.ss_family) {
(gdb) bt
#0  0x08051ab0 in sendpkt (dest=0x80b6480, inter=0x0, ttl=0, pkt=0xbffff450, len=48) at ../../ntpd/ntp_io.c:1413
#1  0x08068c7c in peer_xmit (peer=0x80b6478) at ../../ntpd/ntp_proto.c:2418
#2  0x08064789 in transmit (peer=0x80b6478) at ../../ntpd/ntp_proto.c:301
#3  0x0807324c in timer () at ../../ntpd/ntp_timer.c:289
#4  0x08053ab2 in ntpdmain (argc=4, argv=0xbffffb44) at ../../ntpd/ntpd.c:1079
#5  0x080534ce in main (argc=4, argv=0xbffffb44) at ../../ntpd/ntpd.c:239
(gdb) 

Basically: peer->inter was NULL.

Reason: ntpd didn't properly initialize the sending interface for this peer.

Now things got messy, but I nailed it down to getnetnum() where the hints
for the getaddrinfo() call are initialized as:

        if (addr->ss_family == AF_INET || addr->ss_family == AF_INET6)
            hints.ai_family = addr->ss_family;
        else
            hints.ai_family = AF_UNSPEC;

which in our case meant AF_UNSPEC (as we only had the name).

If there is a AAAA record for this name, my system defaults to IPv6,
but as I don't have a v6 interface in my box, ntpd can't find the
interface and seems to leave it NULL, leading to the memfault later on.

--------

Some later kernel (or libc?) versions default to IPv4, bypassing
the problem. Also: if all the people trying to reproduce the bug
didn't use a nameserver with AAAA records, it's clear that they
could not see it.

Bugger.

The *really* simple solution:

Use the following lines in your ntp.conf:

server -4 ts1.univie.ac.at
server -4 ts2.univie.ac.at


(making ntpd fail gracefully is left to the reader as an exercise.)

Share and Enjoy!

(this might close #263570 as well)

/ol
-- 
-=-  Otmar Lendl  --  [EMAIL PROTECTED]  -=-
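
Added example, not part of the original message and not ntpd's code: a sketch of the "fail gracefully" exercise, walking every resolver answer for a peer and refusing to send when no local interface matches the address family. The struct iface table, bind_peer() and send_checked() are hypothetical names, and the addresses are constructed documentation literals parsed with AI_NUMERICHOST so nothing touches DNS.

```c
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <netdb.h>

/* Hypothetical stand-in for ntpd's interface list (not ntpd's own struct). */
struct iface { int family; const char *name; };
/* Constructed sample: a box with IPv4 interfaces only. */
static struct iface v4_only[] = { { AF_INET, "lo" }, { AF_INET, "eth0" } };
/* Constructed resolver answer order: AAAA first, then A. */
static const char *answers[] = { "2001:db8::1", "192.0.2.1" };

/* Family of one numeric literal, using the AF_UNSPEC hint from the post. */
static int literal_family(const char *lit)
{
    struct addrinfo hints, *res;
    memset(&hints, 0, sizeof hints);
    hints.ai_family = AF_UNSPEC;
    hints.ai_flags = AI_NUMERICHOST;          /* parse only, no DNS lookup */
    if (getaddrinfo(lit, NULL, &hints, &res) != 0)
        return -1;
    int fam = res->ai_family;
    freeaddrinfo(res);
    return fam;
}

/* Try every answer in order; return the first interface whose family
 * matches, or NULL when no answer is usable on this host. */
static struct iface *bind_peer(const char **ans, size_t na, struct iface *tab, size_t n)
{
    for (size_t i = 0; i < na; i++) {
        int fam = literal_family(ans[i]);
        for (size_t j = 0; fam >= 0 && j < n; j++)
            if (tab[j].family == fam)
                return &tab[j];
    }
    return NULL;
}

/* Guarded send: reject a peer without an interface instead of dereferencing it. */
static int send_checked(const struct iface *inter)
{ return inter ? inter->family : -1; }

int main(void)
{
    struct iface *ifp = bind_peer(answers, 2, v4_only, 2);
    printf("dual-stack name uses: %s\n", ifp ? ifp->name : "(none)");
    printf("v6-only name, send result: %d\n", send_checked(bind_peer(answers, 1, v4_only, 2)));
}
```

With the AAAA answer skipped, the dual-stack peer binds to an IPv4 interface; a peer with only an IPv6 answer yields NULL and the send is refused with -1.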

