Re: ipfw bug on i386
On Mon, Apr 12, 2010 at 11:15:45AM +0400, Hizel Ildar wrote: > ?? Mon, 12 Apr 2010 10:42:25 +0400 > "Andrey V. Elsukov" ??: > > > On 12.04.2010 10:07, Hizel Ildar wrote: > > > Hey! I'm fix this bug :D > > > > > > patch: > > > > > > foo# diff -ruN main.c~ main.c > > > --- main.c~ 2010-03-04 19:54:56.0 +0300 > > > +++ main.c 2010-04-12 09:37:21.0 +0400 > > > @@ -553,7 +553,7 @@ > > > } > > > > > > while (fgets(buf, BUFSIZ, f)) { /* read commands */ > > > - char linename[10]; > > > + char linename[11]; > > > char *args[2]; > > > > > > lineno++; > > > > Can you test your it with 100k lines? :) > > I think it can be fixed with something similar to: > > > > - sprintf(linename, "Line %d", lineno); > > + snprintf(linename, sizeof(linename), "Line %d", > > lineno); > > > > > and the variable linename will be incorrect information, it is necessary > to increase the linename to 16 at least > > char linename[16] indeed. i just committed something like this, with a larger buffer. thanks for the feedback luigi > freebsd-current@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org" ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: ipfw bug on i386
В Mon, 12 Apr 2010 10:42:25 +0400 "Andrey V. Elsukov" пишет: > On 12.04.2010 10:07, Hizel Ildar wrote: > > Hey! I'm fix this bug :D > > > > patch: > > > > foo# diff -ruN main.c~ main.c > > --- main.c~ 2010-03-04 19:54:56.0 +0300 > > +++ main.c 2010-04-12 09:37:21.0 +0400 > > @@ -553,7 +553,7 @@ > > } > > > > while (fgets(buf, BUFSIZ, f)) { /* read commands */ > > - char linename[10]; > > + char linename[11]; > > char *args[2]; > > > > lineno++; > > Can you test your it with 100k lines? :) > I think it can be fixed with something similar to: > > - sprintf(linename, "Line %d", lineno); > + snprintf(linename, sizeof(linename), "Line %d", > lineno); > and the variable linename will be incorrect information, it is necessary to increase the linename to 16 at least char linename[16] ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: ipfw bug on i386
On 12.04.2010 10:07, Hizel Ildar wrote: Hey! I'm fix this bug :D patch: foo# diff -ruN main.c~ main.c --- main.c~ 2010-03-04 19:54:56.0 +0300 +++ main.c 2010-04-12 09:37:21.0 +0400 @@ -553,7 +553,7 @@ } while (fgets(buf, BUFSIZ, f)) { /* read commands */ - char linename[10]; + char linename[11]; char *args[2]; lineno++; Can you test your it with 100k lines? :) I think it can be fixed with something similar to: - sprintf(linename, "Line %d", lineno); + snprintf(linename, sizeof(linename), "Line %d", lineno); -- WBR, Andrey V. Elsukov ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: ipfw bug on i386
12.04.2010 10:07, Hizel Ildar пишет: В Sun, 11 Apr 2010 11:23:59 +0400 Alex Keda пишет: srv5# more /tmp/a.sh table="24" ipfw table $table flush for octet3 in `jot - 1 60` do for octet4 in `jot - 1 254` do echo "table $table add 192.168.$octet3.$octet4">> /tmp/$$.txt done done ipfw /tmp/$$.txt rm -f /tmp/$$.txt effect: srv5# sh /tmp/a.sh Abort trap (core dumped) srv5# srv5# ll ipfw.core -rw--- 1 root wheel - 1,9M 11 апр 11:22 ipfw.core srv5# Tested on 8,9 i386 - core dump, amd64 - all OK 7 - all OK ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org" Hey! I'm fix this bug :D patch: foo# diff -ruN main.c~ main.c --- main.c~ 2010-03-04 19:54:56.0 +0300 +++ main.c 2010-04-12 09:37:21.0 +0400 @@ -553,7 +553,7 @@ } while (fgets(buf, BUFSIZ, f)) { /* read commands */ - char linename[10]; + char linename[11]; char *args[2]; lineno++; so, it limit 100k addresses in table? with 7-STABLE I have more than 100k IP and all work correct srv1# ipfw table 25 list | wc -l 104294 srv1# uname -a FreeBSD srv1.host-food.ru 7.2-STABLE FreeBSD 7.2-STABLE #0: Sun Oct 4 01:38:34 MSD 2009 lissy...@srv.host-food.ru:/home/obj/usr/src/sys/HOST-FOOD i386 srv1# ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: ipfw bug on i386
В Mon, 12 Apr 2010 10:07:56 +0400 Hizel Ildar пишет: > В Sun, 11 Apr 2010 11:23:59 +0400 > Alex Keda пишет: > > > srv5# more /tmp/a.sh > > table="24" > > ipfw table $table flush > > for octet3 in `jot - 1 60` > > do > > for octet4 in `jot - 1 254` > >do > > echo "table $table add 192.168.$octet3.$octet4" >> /tmp/$$.txt > >done > > done > > ipfw /tmp/$$.txt > > rm -f /tmp/$$.txt > > > > effect: > > > > srv5# sh /tmp/a.sh > > Abort trap (core dumped) > > srv5# > > srv5# ll ipfw.core > > -rw--- 1 root wheel - 1,9M 11 апр 11:22 ipfw.core > > srv5# > > > > Tested on 8,9 i386 - core dump, amd64 - all OK > > 7 - all OK > > > > ___ > > freebsd-current@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-current > > To unsubscribe, send any mail to > > "freebsd-current-unsubscr...@freebsd.org" > > > > Hey! I'm fix this bug :D > > patch: > > foo# diff -ruN main.c~ main.c > --- main.c~ 2010-03-04 19:54:56.0 +0300 > +++ main.c 2010-04-12 09:37:21.0 +0400 > @@ -553,7 +553,7 @@ > } > > while (fgets(buf, BUFSIZ, f)) { /* read commands */ > - char linename[10]; > + char linename[11]; > char *args[2]; > > lineno++; > ___ > freebsd-current@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to > "freebsd-current-unsubscr...@freebsd.org" > this is backtrace without my patch: foo# gdb /sbin/ipfw ipfw.core GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-marcel-freebsd"... Core was generated by `ipfw'. Program terminated with signal 6, Aborted. Reading symbols from /lib/libutil.so.9...done. Loaded symbols for /lib/libutil.so.9 Reading symbols from /lib/libc.so.7...done. Loaded symbols for /lib/libc.so.7 Reading symbols from /libexec/ld-elf.so.1...done. Loaded symbols for /libexec/ld-elf.so.1 #0 0x281eee1b in kill () at kill.S:3 3 RSYSCALL(kill) (gdb) bt #0 0x281eee1b in kill () at kill.S:3 #1 0x280e8ef5 in __fail (msg=0x281f3730 "stack overflow detected; terminated") at /usr/src/lib/libc/sys/stack_protector.c:95 #2 0x280e8f30 in __stack_chk_fail () at /usr/src/lib/libc/sys/stack_protector.c:102 #3 0x08057f44 in ipfw_readfile (ac=2, av=0xbfbfecac) at /usr/src/sbin/ipfw/main.c:581 #4 0x08057fca in main (ac=2, av=0xbfbfecac) at /usr/src/sbin/ipfw/main.c:606 Current language: auto; currently asm foo# uname -a FreeBSD foo.vyborg.ru 9.0-CURRENT FreeBSD 9.0-CURRENT #1: Sun Apr 11 21:00:05 MSD 2010 r...@foo.vyborg.ru:/usr/obj/usr/src/sys/GENERIC i386 ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: ipfw bug on i386
В Sun, 11 Apr 2010 11:23:59 +0400 Alex Keda пишет: > srv5# more /tmp/a.sh > table="24" > ipfw table $table flush > for octet3 in `jot - 1 60` > do > for octet4 in `jot - 1 254` >do > echo "table $table add 192.168.$octet3.$octet4" >> /tmp/$$.txt >done > done > ipfw /tmp/$$.txt > rm -f /tmp/$$.txt > > effect: > > srv5# sh /tmp/a.sh > Abort trap (core dumped) > srv5# > srv5# ll ipfw.core > -rw--- 1 root wheel - 1,9M 11 апр 11:22 ipfw.core > srv5# > > Tested on 8,9 i386 - core dump, amd64 - all OK > 7 - all OK > > ___ > freebsd-current@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to > "freebsd-current-unsubscr...@freebsd.org" > Hey! I'm fix this bug :D patch: foo# diff -ruN main.c~ main.c --- main.c~ 2010-03-04 19:54:56.0 +0300 +++ main.c 2010-04-12 09:37:21.0 +0400 @@ -553,7 +553,7 @@ } while (fgets(buf, BUFSIZ, f)) { /* read commands */ - char linename[10]; + char linename[11]; char *args[2]; lineno++; ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
ipfw bug on i386
srv5# more /tmp/a.sh table="24" ipfw table $table flush for octet3 in `jot - 1 60` do for octet4 in `jot - 1 254` do echo "table $table add 192.168.$octet3.$octet4" >> /tmp/$$.txt done done ipfw /tmp/$$.txt rm -f /tmp/$$.txt effect: srv5# sh /tmp/a.sh Abort trap (core dumped) srv5# srv5# ll ipfw.core -rw--- 1 root wheel - 1,9M 11 апр 11:22 ipfw.core srv5# Tested on 8,9 i386 - core dump, amd64 - all OK 7 - all OK ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"