lib/40753: sendto(2) cause SIGSEGV, when send data to unreachable host

To: lib-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: lib/40753: sendto(2) cause SIGSEGV, when send data to unreachable host
From: spetrov%mallsi.com@localhost
Date: Wed, 25 Feb 2009 13:45:00 +0000 (UTC)

>Number:         40753
>Category:       lib
>Synopsis:       sendto(2) cause SIGSEGV, when send data to unreachable host
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    lib-bug-people
>State:          open
>Class:          support
>Submitter-Id:   net
>Arrival-Date:   Wed Feb 25 13:45:00 +0000 2009
>Originator:     Svetoslav Petrov
>Release:        4.0.1
>Organization:
none
>Environment:
NetBSD  4.0.1 NetBSD 4.0.1 (GENERIC.MP) #0: Tue Oct  7 21:00:48 PDT 2008  
builds@wb28:/home/builds/ab/netbsd-4-0-1-RELEASE/amd64/200810080053Z-obj/home/builds/ab/netbsd-4-0-1-RELEASE/src/sys/arch/amd64/compile/GENERIC.MP
 amd64

>Description:
got SIGSEGV when using sendto(2) to send data through UDP socket, to 
unreachable host.

run simple program (test.c)

here is tcpdump on interface
-----------------
07:19:17.704546 arp who-has 172.16.40.1 tell 172.16.40.2
07:19:18.004876 arp who-has 172.16.40.1 tell 172.16.40.2
07:19:19.004989 arp who-has 172.16.40.1 tell 172.16.40.2
07:19:20.004424 arp who-has 172.16.40.1 tell 172.16.40.2
07:19:21.004428 arp who-has 172.16.40.1 tell 172.16.40.2
------------------

after this program (simple program test.c) got SIGSEGV.

it is more details on section "how to repeat the problem"
>How-To-Repeat:
run simple program test.c:

simple program test.c :
-----------------------------
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <errno.h>
#include <pthread.h>

int main(void)
{
        struct sockaddr_in sin;

        sin.sin_addr.s_addr = inet_addr("172.16.40.1");/* 172.16.4.1 is 
unreachable address */
        sin.sin_family = AF_INET;
        sin.sin_port = htons(10000);

        int sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
        if (sock < 0)
        {
                perror("socket()");
                return -1;
        }

        char buff[1024];
        int slen;

        while (1)
        {
                slen = sendto(sock, buff, sizeof(buff), 0, (struct 
sockaddr*)&sin, sizeof(sin));
                if (slen != sizeof(buff))
                {
                        fprintf(stderr, "send(): %s\n", strerror(errno));
                        break;
                }
        }

        close(sock);

        return 0;
}
-----------------------------------------------------
bash-3.2# make
cc -o test test.c   -g
bash-3.2# gdb ./test
GNU gdb 5.3nb1
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "x86_64--netbsd"...
(gdb) run
Starting program: /root/programs/test/test

Program received signal SIGSEGV, Segmentation fault.
0x00007f7ffdbcea70 in strlen () from /usr/lib/libc.so.12
(gdb)

>Fix:

Prev by Date: Re: port-i386/40752: x86 bootloader panic()/exit() loop
Next by Date: kern/40755: Hang on mounting immediately after newfs
Previous by Thread: Re: port-i386/20399: log1p and log1pf inaccuracies have been fixed
Next by Thread: kern/40755: Hang on mounting immediately after newfs
Indexes:

Home | Main Index | Thread Index | Old Index