[Olsr-dev] OLSRv2 Segfault

Vigneswaran R (spam-protected)
Fri Dec 27 11:10:47 CET 2013


Hello,

I am running olsrd2 on a few (qemu) virtual machines. On one of the 
virtual machines, olsrd2 segfaults within a few seconds. I am invoking 
OLSRd2 in the following manner:

     ./olsrd2 --set interface[eth0].bindto=10.0.0.0/8 --set interface[eth1].bindto=10.0.0.0/8 --set interface[eth2].bindto=10.0.0.0/8

I traced the error using gdb to some extent. Please see the following 
patch for context.

In general, addr_start->_block_end becomes NULL just before exiting from 
the do..while loop. However, in some cases, addr_start->_block_end 
becomes NULL before the do..while loop meets the exit criterion 
(addr_end == last_addr). So the loop continues and tries to 
dereference a NULL pointer, causing a segfault.

--- a/oonf_api/src-api/rfc5444/rfc5444_msg_generator.c    2013-12-19 
18:27:48.471467295 +0530
+++ b/oonf_api/src-api/rfc5444/rfc5444_msg_generator.c    2013-12-27 
14:15:14.000000000 +0530
@@ -1180,7 +1180,7 @@
      tlvblock_length[0] = (ptr - tlvblock_length - 2) >> 8;
      tlvblock_length[1] = (ptr - tlvblock_length - 2) & 255;
      addr_start = list_next_element(addr_end, _addr_node);
-  } while (addr_end != last_addr);
+  } while (addr_end != last_addr && addr_start->_block_end != NULL);

    /* store size of address(tlv) data */
    msg->_bin_addr_size = ptr - start;


I am using the latest oonf_api (last commit: 
2355db6a460abe10cc7096842b3b10686c68012c) and olsrd2 (last commit: 
23051120419372a175ddb08fa8a3bb8d7d709f1e) repositories.

The interface details are:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
     inet 127.0.0.1/8 scope host lo
     inet6 ::1/128 scope host
        valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
     link/ether de:ad:be:ef:5a:38 brd ff:ff:ff:ff:ff:ff
     inet 10.5.11.1/8 brd 10.255.255.255 scope global eth0
     inet6 fe80::dcad:beff:feef:5a38/64 scope link
        valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
     link/ether de:ad:be:ef:0d:2f brd ff:ff:ff:ff:ff:ff
     inet 10.5.11.2/8 brd 10.255.255.255 scope global eth1
     inet6 fe80::dcad:beff:feef:d2f/64 scope link
        valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
     link/ether de:ad:be:ef:5a:39 brd ff:ff:ff:ff:ff:ff
     inet 10.5.11.3/8 brd 10.255.255.255 scope global eth2
     inet6 fe80::dcad:beff:feef:5a39/64 scope link
        valid_lft forever preferred_lft forever


Regards,
Vignesh



