Hi ports@,
slowhttptest doesn't check that the argument passed to freeaddrinfo(3)
is not NULL, resulting in a segmentation fault.
This can be triggered in the current version by running:
slowhttptest -u example.org
The following diff fixes it.
Comments? OK?
Index: Makefile
===================================================================
RCS file: /cvs/ports/www/slowhttptest/Makefile,v
retrieving revision 1.15
diff -u -p -r1.15 Makefile
--- Makefile 2 Nov 2019 08:48:07 -0000 1.15
+++ Makefile 8 Nov 2019 13:39:33 -0000
@@ -5,6 +5,7 @@ COMMENT= test tool for slow HTTP reads/p
GH_ACCOUNT= shekyan
GH_PROJECT= slowhttptest
GH_TAGNAME= v1.8.1
+REVISION= 0
CATEGORIES= www security
Index: patches/patch-src_slowhttptest_cc
===================================================================
RCS file: patches/patch-src_slowhttptest_cc
diff -N patches/patch-src_slowhttptest_cc
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-src_slowhttptest_cc 8 Nov 2019 13:39:33 -0000
@@ -0,0 +1,18 @@
+$OpenBSD$
+
+Check that the argument passed to freeaddrinfo(3) is not NULL.
+
+Index: src/slowhttptest.cc
+--- src/slowhttptest.cc.orig
++++ src/slowhttptest.cc
+@@ -152,7 +152,9 @@ SlowHTTPTest::SlowHTTPTest(int delay, int duration,
+ }
+
+ SlowHTTPTest::~SlowHTTPTest() {
+- freeaddrinfo(addr_);
++ if (addr_) {
++ freeaddrinfo(addr_);
++ }
+
+ for(std::vector<StatsDumper*>::iterator i = dumpers_.begin();
+ i != dumpers_.end(); ++i) {
