View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0002081 | GNUnet | cadet service | public | 2012-01-17 19:34 | 2012-02-28 11:05 |
| Reporter | Christian Grothoff | Assigned To | Bart Polot | ||
| Priority | urgent | Severity | major | Reproducibility | have not tried |
| Status | closed | Resolution | fixed | ||
| Product Version | Git master | ||||
| Target Version | 0.9.2 | Fixed in Version | 0.9.2 | ||
| Summary | 0002081: use after free in client_allow_send (valgrind report) | ||||
| Description | ==32345== Invalid read of size 8 ==32345== at 0x402277: client_allow_send (gnunet-service-mesh.c:742) ==32345== by 0x527E681: run_ready (scheduler.c:684) ==32345== by 0x527EE66: GNUNET_SCHEDULER_run (scheduler.c:874) ==32345== by 0x528BF53: GNUNET_SERVICE_run (service.c:1712) ==32345== by 0x40FB48: main (gnunet-service-mesh.c:4501) ==32345== Address 0x62df480 is 16 bytes inside a block of size 40 free'd ==32345== at 0x4C240FD: free (vg_replace_malloc.c:366) ==32345== by 0x524E0EB: GNUNET_xfree_ (common_allocation.c:201) ==32345== by 0x40685A: tunnel_send_multicast (gnunet-service-mesh.c:2091) ==32345== by 0x40A2BF: handle_mesh_data_multicast (gnunet-service-mesh.c:2967) ==32345== by 0x40EFD5: handle_local_multicast (gnunet-service-mesh.c:4159) ==32345== by 0x52820E6: GNUNET_SERVER_inject (server.c:709) ==32345== by 0x5282BAA: client_message_tokenizer_callback (server.c:931) ==32345== by 0x528417F: GNUNET_SERVER_mst_receive (server_mst.c:261) ==32345== by 0x52828CD: process_incoming (server.c:861) ==32345== by 0x5257376: receive_ready (connection.c:1193) ==32345== by 0x527E681: run_ready (scheduler.c:684) ==32345== by 0x527EE66: GNUNET_SCHEDULER_run (scheduler.c:874) ==32345== ==32345== Invalid read of size 8 ==32345== at 0x402370: client_allow_send (gnunet-service-mesh.c:743) ==32345== by 0x527E681: run_ready (scheduler.c:684) ==32345== by 0x527EE66: GNUNET_SCHEDULER_run (scheduler.c:874) ==32345== by 0x528BF53: GNUNET_SERVICE_run (service.c:1712) ==32345== by 0x40FB48: main (gnunet-service-mesh.c:4501) ==32345== Address 0x62df480 is 16 bytes inside a block of size 40 free'd ==32345== at 0x4C240FD: free (vg_replace_malloc.c:366) ==32345== by 0x524E0EB: GNUNET_xfree_ (common_allocation.c:201) ==32345== by 0x40685A: tunnel_send_multicast (gnunet-service-mesh.c:2091) ==32345== by 0x40A2BF: handle_mesh_data_multicast (gnunet-service-mesh.c:2967) ==32345== by 0x40EFD5: handle_local_multicast (gnunet-service-mesh.c:4159) ==32345== by 0x52820E6: GNUNET_SERVER_inject (server.c:709) ==32345== by 0x5282BAA: client_message_tokenizer_callback (server.c:931) ==32345== by 0x528417F: GNUNET_SERVER_mst_receive (server_mst.c:261) ==32345== by 0x52828CD: process_incoming (server.c:861) ==32345== by 0x5257376: receive_ready (connection.c:1193) ==32345== by 0x527E681: run_ready (scheduler.c:684) ==32345== by 0x527EE66: GNUNET_SCHEDULER_run (scheduler.c:874) ==32345== Jan 17 19:33:07-125126 mesh-32345 DEBUG MESH: CLIENT ALLOW SEND DESPITE 103675104 COPIES PENDING ==32345== Invalid read of size 8 ==32345== at 0x40238F: client_allow_send (gnunet-service-mesh.c:747) ==32345== by 0x527E681: run_ready (scheduler.c:684) ==32345== by 0x527EE66: GNUNET_SCHEDULER_run (scheduler.c:874) ==32345== by 0x528BF53: GNUNET_SERVICE_run (service.c:1712) ==32345== by 0x40FB48: main (gnunet-service-mesh.c:4501) ==32345== Address 0x62df478 is 8 bytes inside a block of size 40 free'd ==32345== at 0x4C240FD: free (vg_replace_malloc.c:366) ==32345== by 0x524E0EB: GNUNET_xfree_ (common_allocation.c:201) ==32345== by 0x40685A: tunnel_send_multicast (gnunet-service-mesh.c:2091) ==32345== by 0x40A2BF: handle_mesh_data_multicast (gnunet-service-mesh.c:2967) ==32345== by 0x40EFD5: handle_local_multicast (gnunet-service-mesh.c:4159) ==32345== by 0x52820E6: GNUNET_SERVER_inject (server.c:709) ==32345== by 0x5282BAA: client_message_tokenizer_callback (server.c:931) ==32345== by 0x528417F: GNUNET_SERVER_mst_receive (server_mst.c:261) ==32345== by 0x52828CD: process_incoming (server.c:861) ==32345== by 0x5257376: receive_ready (connection.c:1193) ==32345== by 0x527E681: run_ready (scheduler.c:684) ==32345== by 0x527EE66: GNUNET_SCHEDULER_run (scheduler.c:874) ==32345== ==32345== Invalid write of size 8 ==32345== at 0x402393: client_allow_send (gnunet-service-mesh.c:747) ==32345== by 0x527E681: run_ready (scheduler.c:684) ==32345== by 0x527EE66: GNUNET_SCHEDULER_run (scheduler.c:874) ==32345== by 0x528BF53: GNUNET_SERVICE_run (service.c:1712) ==32345== by 0x40FB48: main (gnunet-service-mesh.c:4501) ==32345== Address 0x62df650 is 0 bytes inside a block of size 8 free'd ==32345== at 0x4C240FD: free (vg_replace_malloc.c:366) ==32345== by 0x524E0EB: GNUNET_xfree_ (common_allocation.c:201) ==32345== by 0x406844: tunnel_send_multicast (gnunet-service-mesh.c:2090) ==32345== by 0x40A2BF: handle_mesh_data_multicast (gnunet-service-mesh.c:2967) ==32345== by 0x40EFD5: handle_local_multicast (gnunet-service-mesh.c:4159) ==32345== by 0x52820E6: GNUNET_SERVER_inject (server.c:709) ==32345== by 0x5282BAA: client_message_tokenizer_callback (server.c:931) ==32345== by 0x528417F: GNUNET_SERVER_mst_receive (server_mst.c:261) ==32345== by 0x52828CD: process_incoming (server.c:861) ==32345== by 0x5257376: receive_ready (connection.c:1193) ==32345== by 0x527E681: run_ready (scheduler.c:684) ==32345== by 0x527EE66: GNUNET_SCHEDULER_run (scheduler.c:874) ==32345== ==32345== Invalid read of size 8 ==32345== at 0x40239E: client_allow_send (gnunet-service-mesh.c:748) ==32345== by 0x527E681: run_ready (scheduler.c:684) ==32345== by 0x527EE66: GNUNET_SCHEDULER_run (scheduler.c:874) ==32345== by 0x528BF53: GNUNET_SERVICE_run (service.c:1712) ==32345== by 0x40FB48: main (gnunet-service-mesh.c:4501) ==32345== Address 0x62df470 is 0 bytes inside a block of size 40 free'd ==32345== at 0x4C240FD: free (vg_replace_malloc.c:366) ==32345== by 0x524E0EB: GNUNET_xfree_ (common_allocation.c:201) ==32345== by 0x40685A: tunnel_send_multicast (gnunet-service-mesh.c:2091) ==32345== by 0x40A2BF: handle_mesh_data_multicast (gnunet-service-mesh.c:2967) ==32345== by 0x40EFD5: handle_local_multicast (gnunet-service-mesh.c:4159) ==32345== by 0x52820E6: GNUNET_SERVER_inject (server.c:709) ==32345== by 0x5282BAA: client_message_tokenizer_callback (server.c:931) ==32345== by 0x528417F: GNUNET_SERVER_mst_receive (server_mst.c:261) ==32345== by 0x52828CD: process_incoming (server.c:861) ==32345== by 0x5257376: receive_ready (connection.c:1193) ==32345== by 0x527E681: run_ready (scheduler.c:684) ==32345== by 0x527EE66: GNUNET_SCHEDULER_run (scheduler.c:874) ==32345== | ||||
| Tags | No tags attached. | ||||
| child of | 0002064 | closed | Christian Grothoff | new VPN service (working with new exit/dns services) needs to be fully implemented and tested |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2012-01-17 19:34 | Christian Grothoff | New Issue | |
| 2012-01-17 19:34 | Christian Grothoff | Status | new => assigned |
| 2012-01-17 19:34 | Christian Grothoff | Assigned To | => Bart Polot |
| 2012-01-17 19:52 | Christian Grothoff | Relationship added | child of 0002064 |
| 2012-01-19 00:15 | Bart Polot | Note Added: 0005293 | |
| 2012-01-19 00:15 | Bart Polot | Status | assigned => resolved |
| 2012-01-19 00:15 | Bart Polot | Fixed in Version | => Git master |
| 2012-01-19 00:15 | Bart Polot | Resolution | open => fixed |
| 2012-01-22 21:17 | Christian Grothoff | Fixed in Version | Git master => 0.9.2 |
| 2012-02-28 11:05 | Christian Grothoff | Status | resolved => closed |
| 2014-05-09 18:34 | Christian Grothoff | Category | mesh service => cadet service |
