[
https://issues.apache.org/jira/browse/DISPATCH-1941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17283991#comment-17283991
]
ASF subversion and git services commented on DISPATCH-1941:
-----------------------------------------------------------
Commit ce7c5a0cddb89fb32c80ebf7e3773d9a9e6ac973 in qpid-dispatch's branch
refs/heads/master from Ken Giusti
[ https://gitbox.apache.org/repos/asf?p=qpid-dispatch.git;h=ce7c5a0 ]
DISPATCH-1941: fix http1 parser to detect null characters
> Crash in HTTP1 adaptor: member access within null pointer of type 'const
> struct qd_buffer_t'
> --------------------------------------------------------------------------------------------
>
> Key: DISPATCH-1941
> URL: https://issues.apache.org/jira/browse/DISPATCH-1941
> Project: Qpid Dispatch
> Issue Type: Bug
> Components: Protocol Adaptors
> Affects Versions: 1.15.0
> Reporter: Jiri Daněk
> Assignee: Ken Giusti
> Priority: Major
> Labels: crash
> Fix For: 1.16.0
>
>
> https://github.com/jiridanek/qpid-dispatch/runs/1801886361?check_suite_focus=true#step:9:1844
> {noformat}
> ../include/qpid/dispatch/buffer.h:83:44: runtime error: member access within
> null pointer of type 'const struct qd_buffer_t'
> AddressSanitizer:DEADLYSIGNAL
> =================================================================
> ==31711==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000010 (pc
> 0x7fb51d73dd10 bp 0x7fb50883e7b0 sp 0x7fb50883e790 T4)
> ==31711==The signal is caused by a READ memory access.
> ==31711==Hint: address points to the zero page.
> #0 0x7fb51d73dd10 in qd_buffer_cursor ../include/qpid/dispatch/buffer.h:83
> #1 0x7fb51d741af7 in ensure_outgoing_capacity
> ../src/adaptors/http1/http1_codec.c:346
> #2 0x7fb51d741bbd in write_string ../src/adaptors/http1/http1_codec.c:356
> #3 0x7fb51d753cf3 in h1_codec_tx_request
> ../src/adaptors/http1/http1_codec.c:1448
> #4 0x7fb51d79435a in _send_request_headers
> ../src/adaptors/http1/http1_server.c:1291
> #5 0x7fb51d795193 in _encode_request_message
> ../src/adaptors/http1/http1_server.c:1369
> #6 0x7fb51d79671b in _send_request_message
> ../src/adaptors/http1/http1_server.c:1431
> #7 0x7fb51d7973e7 in qdr_http1_server_core_link_deliver
> ../src/adaptors/http1/http1_server.c:1505
> #8 0x7fb51d761042 in _core_link_deliver
> ../src/adaptors/http1/http1_adaptor.c:569
> #9 0x7fb51d96fc71 in qdr_link_process_deliveries
> ../src/router_core/transfer.c:176
> #10 0x7fb51d760d1b in _core_link_push
> ../src/adaptors/http1/http1_adaptor.c:550
> #11 0x7fb51d8ab61e in qdr_connection_process
> ../src/router_core/connections.c:412
> #12 0x7fb51d786664 in _do_reconnect
> ../src/adaptors/http1/http1_server.c:417
> #13 0x7fb51d9f701a in qd_timer_visit ../src/timer.c:201
> #14 0x7fb51d9e59c5 in handle ../src/server.c:1008
> #15 0x7fb51d9e764d in thread_run ../src/server.c:1122
> #16 0x7fb51d87006f in _thread_init ../src/posix/threading.c:172
> #17 0x7fb51d18beac in start_thread
> (/nix/store/9df65igwjmf2wbw0gbrrgair6piqjgmi-glibc-2.31/lib/libpthread.so.0+0x7eac)
> #18 0x7fb51c327d2e in __GI___clone
> (/nix/store/9df65igwjmf2wbw0gbrrgair6piqjgmi-glibc-2.31/lib/libc.so.6+0xf7d2e)
> AddressSanitizer can not provide additional info.
> SUMMARY: AddressSanitizer: SEGV ../include/qpid/dispatch/buffer.h:83 in
> qd_buffer_cursor
> Thread T4 created by T0 here:
> #0 0x7fb51e1a22a2 in __interceptor_pthread_create
> (/nix/store/9f76hk7scn4lll0rc7da0rixhgc8r28a-gcc-10.2.0-lib/lib/libasan.so.6+0x582a2)
> #1 0x7fb51d8701da in sys_thread ../src/posix/threading.c:181
> #2 0x7fb51d9ee89d in qd_server_run ../src/server.c:1482
> #3 0x4026e4 in main_process ../router/src/main.c:113
> #4 0x404564 in main ../router/src/main.c:367
> #5 0x7fb51c253c7c in __libc_start_main
> (/nix/store/9df65igwjmf2wbw0gbrrgair6piqjgmi-glibc-2.31/lib/libc.so.6+0x23c7c)
> ==31711==ABORTING
> <<<<
> {noformat}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
