View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0002368 | GNUnet | transport service | public | 2012-05-23 09:55 | 2012-06-02 19:15 |
| Reporter | Matthias Wachs | Assigned To | Matthias Wachs | ||
| Priority | normal | Severity | crash | Reproducibility | have not tried |
| Status | closed | Resolution | fixed | ||
| Product Version | Git master | ||||
| Target Version | 0.9.3 | Fixed in Version | 0.9.3 | ||
| Summary | 0002368: Use after free in GST_neighbours_handle_connect (gnunet-service-transport_neighbours.c:2058) | ||||
| Description | Revision 21560 on gnunet9@gnunet.org ==11278== Invalid read of size 8 ==11278== at 0x4A24F98: GNUNET_ATS_suggest_address (ats_api_scheduling.c:970) ==11278== by 0x40BBBD: GST_neighbours_handle_connect (gnunet-service-transport_neighbours.c:2058) ==11278== by 0x403F67: plugin_env_receive_callback (gnunet-service-transport.c:260) ==11278== by 0xA258FF6: handle_tcp_data (plugin_transport_tcp.c:1940) ==11278== by 0x526E7B1: GNUNET_SERVER_inject (server.c:891) ==11278== by 0x526F87F: client_message_tokenizer_callback (server.c:1098) ==11278== by 0x5270061: GNUNET_SERVER_mst_receive (server_mst.c:224) ==11278== by 0x526F2C7: process_mst (server.c:961) ==11278== by 0x526F793: process_incoming (server.c:1041) ==11278== by 0x524BEE1: receive_ready (connection.c:1055) ==11278== by 0x526D0FF: GNUNET_SCHEDULER_run (scheduler.c:602) ==11278== by 0x5276088: GNUNET_SERVICE_run (service.c:1773) ==11278== Address 0xa6ff788 is 312 bytes inside a block of size 424 free'd ==11278== at 0x4028AAE: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==11278== by 0xA25659C: session_disconnect_it (plugin_transport_tcp.c:1362) ==11278== by 0x5253AAC: GNUNET_CONTAINER_multihashmap_get_multiple (container_multihashmap.c:485) ==11278== by 0xA257A06: tcp_plugin_disconnect (plugin_transport_tcp.c:1389) ==11278== by 0x408CE4: free_neighbour (gnunet-service-transport_neighbours.c:889) ==11278== by 0x40BB9C: GST_neighbours_handle_connect (gnunet-service-transport_neighbours.c:2055) ==11278== by 0x403F67: plugin_env_receive_callback (gnunet-service-transport.c:260) ==11278== by 0xA258FF6: handle_tcp_data (plugin_transport_tcp.c:1940) ==11278== by 0x526E7B1: GNUNET_SERVER_inject (server.c:891) ==11278== by 0x526F87F: client_message_tokenizer_callback (server.c:1098) ==11278== by 0x5270061: GNUNET_SERVER_mst_receive (server_mst.c:224) ==11278== by 0x526F2C7: process_mst (server.c:961) | ||||
| Tags | No tags attached. | ||||
| duplicate of | 0002367 | closed | Matthias Wachs | Use after free setup_neighbour (gnunet-service-transport_neighbours.c:1589) |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2012-05-23 09:55 | Matthias Wachs | New Issue | |
| 2012-05-23 09:55 | Matthias Wachs | Status | new => assigned |
| 2012-05-23 09:55 | Matthias Wachs | Assigned To | => Matthias Wachs |
| 2012-05-23 13:38 | Matthias Wachs | Relationship added | duplicate of 0002367 |
| 2012-05-24 13:45 | Matthias Wachs | Note Added: 0005941 | |
| 2012-05-24 13:45 | Matthias Wachs | Status | assigned => resolved |
| 2012-05-24 13:45 | Matthias Wachs | Resolution | open => fixed |
| 2012-05-27 18:34 | Christian Grothoff | Fixed in Version | => 0.9.3 |
| 2012-05-27 18:34 | Christian Grothoff | Target Version | => 0.9.3 |
| 2012-06-02 19:15 | Christian Grothoff | Status | resolved => closed |
