View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0003966 | Taler | Merchant frontends (Python3) | public | 2015-09-09 17:05 | 2024-01-12 14:08 |
| Reporter | Marcello Stanisci | Assigned To | Marcello Stanisci | ||
| Priority | normal | Severity | crash | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Target Version | 0.0 | Fixed in Version | 0.0 | ||
| Summary | 0003966: Segfault when GET /contract | ||||
| Description | GET is the wrong method for this API entry, and it causes the following segmentation fault. Moreover, the dedicated routine should exit as soon as it discovers that the method is wrong. ==9425== Thread 2: ==9425== Conditional jump or move depends on uninitialised value(s) ==9425== at 0x804A6A3: url_handler (taler-merchant-httpd.c:500) ==9425== by 0x4109DFE: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x410B096: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4110421: MHD_run_from_select (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4110760: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4110897: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4204EFA: start_thread (pthread_create.c:309) ==9425== by 0x430362D: clone (clone.S:129) ==9425== ==9425== Conditional jump or move depends on uninitialised value(s) ==9425== at 0x412657C: json_vunpack_ex (in /usr/lib/i386-linux-gnu/libjansson.so.4.7.0) ==9425== by 0x4126707: json_unpack (in /usr/lib/i386-linux-gnu/libjansson.so.4.7.0) ==9425== by 0x804A6DE: url_handler (taler-merchant-httpd.c:545) ==9425== by 0x4109DFE: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x410B096: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4110421: MHD_run_from_select (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4110760: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4110897: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4204EFA: start_thread (pthread_create.c:309) ==9425== by 0x430362D: clone (clone.S:129) ==9425== ==9425== Conditional jump or move depends on uninitialised value(s) ==9425== at 0x4125766: ??? (in /usr/lib/i386-linux-gnu/libjansson.so.4.7.0) ==9425== by 0x41265DC: json_vunpack_ex (in /usr/lib/i386-linux-gnu/libjansson.so.4.7.0) ==9425== by 0x4126707: json_unpack (in /usr/lib/i386-linux-gnu/libjansson.so.4.7.0) ==9425== by 0x804A6DE: url_handler (taler-merchant-httpd.c:545) ==9425== by 0x4109DFE: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x410B096: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4110421: MHD_run_from_select (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4110760: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4110897: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4204EFA: start_thread (pthread_create.c:309) ==9425== by 0x430362D: clone (clone.S:129) ==9425== ==9425== Use of uninitialised value of size 4 ==9425== at 0x4125768: ??? (in /usr/lib/i386-linux-gnu/libjansson.so.4.7.0) ==9425== by 0x41265DC: json_vunpack_ex (in /usr/lib/i386-linux-gnu/libjansson.so.4.7.0) ==9425== by 0x4126707: json_unpack (in /usr/lib/i386-linux-gnu/libjansson.so.4.7.0) ==9425== by 0x804A6DE: url_handler (taler-merchant-httpd.c:545) ==9425== by 0x4109DFE: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x410B096: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4110421: MHD_run_from_select (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4110760: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4110897: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4204EFA: start_thread (pthread_create.c:309) ==9425== by 0x430362D: clone (clone.S:129) ==9425== ==9425== Invalid read of size 4 ==9425== at 0x4125768: ??? (in /usr/lib/i386-linux-gnu/libjansson.so.4.7.0) ==9425== by 0x41265DC: json_vunpack_ex (in /usr/lib/i386-linux-gnu/libjansson.so.4.7.0) ==9425== by 0x4126707: json_unpack (in /usr/lib/i386-linux-gnu/libjansson.so.4.7.0) ==9425== by 0x804A6DE: url_handler (taler-merchant-httpd.c:545) ==9425== by 0x4109DFE: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x410B096: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4110421: MHD_run_from_select (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4110760: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4110897: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4204EFA: start_thread (pthread_create.c:309) ==9425== by 0x430362D: clone (clone.S:129) ==9425== Address 0x1 is not stack'd, malloc'd or (recently) free'd ==9425== ==9425== ==9425== Process terminating with default action of signal 11 (SIGSEGV) ==9425== Access not within mapped region at address 0x1 ==9425== at 0x4125768: ??? (in /usr/lib/i386-linux-gnu/libjansson.so.4.7.0) ==9425== by 0x41265DC: json_vunpack_ex (in /usr/lib/i386-linux-gnu/libjansson.so.4.7.0) ==9425== by 0x4126707: json_unpack (in /usr/lib/i386-linux-gnu/libjansson.so.4.7.0) ==9425== by 0x804A6DE: url_handler (taler-merchant-httpd.c:545) ==9425== by 0x4109DFE: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x410B096: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4110421: MHD_run_from_select (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4110760: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4110897: ??? (in /usr/lib/i386-linux-gnu/libmicrohttpd.so.10.27.0) ==9425== by 0x4204EFA: start_thread (pthread_create.c:309) ==9425== by 0x430362D: clone (clone.S:129) ==9425== If you believe this happened as a result of a stack ==9425== overflow in your program's main thread (unlikely but ==9425== possible), you can try to increase the size of the ==9425== main thread stack using the --main-stacksize= flag. ==9425== The main thread stack size used in this run was 8388608. ==9425== ==9425== HEAP SUMMARY: ==9425== in use at exit: 257,279 bytes in 3,349 blocks ==9425== total heap usage: 6,097 allocs, 2,748 frees, 402,462 bytes allocated ==9425== ==9425== LEAK SUMMARY: ==9425== definitely lost: 40 bytes in 1 blocks ==9425== indirectly lost: 15 bytes in 1 blocks ==9425== possibly lost: 144 bytes in 1 blocks ==9425== still reachable: 257,080 bytes in 3,346 blocks ==9425== suppressed: 0 bytes in 0 blocks ==9425== Rerun with --leak-check=full to see details of leaked memory ==9425== ==9425== For counts of detected and suppressed errors, rerun with: -v ==9425== Use --track-origins=yes to see where uninitialised values come from ==9425== ERROR SUMMARY: 5 errors from 5 contexts (suppressed: 0 from 0) Killed | ||||
| Steps To Reproduce | curl http://merchant_backend_url/contract | ||||
| Tags | No tags attached. | ||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2015-09-09 17:05 | Marcello Stanisci | New Issue | |
| 2015-09-09 17:05 | Marcello Stanisci | Status | new => assigned |
| 2015-09-09 17:05 | Marcello Stanisci | Assigned To | => Marcello Stanisci |
| 2015-09-10 15:05 | Christian Grothoff | Severity | minor => crash |
| 2015-09-16 16:46 | Marcello Stanisci | Note Added: 0009633 | |
| 2015-09-16 16:46 | Marcello Stanisci | Status | assigned => resolved |
| 2015-09-16 16:46 | Marcello Stanisci | Resolution | open => fixed |
| 2015-09-19 15:03 | Christian Grothoff | Status | resolved => closed |
| 2015-11-29 13:48 | Christian Grothoff | Category | merchant (demonstrator) => merchant frontend (demonstrator) |
| 2016-02-17 03:24 | Florian Dold | Category | merchant frontend (demonstrator) => merchant frontend (donations) |
| 2016-09-26 14:00 | Christian Grothoff | Fixed in Version | => 0.0 |
| 2016-09-26 14:01 | Christian Grothoff | Target Version | => 0.0 |
| 2024-01-12 14:08 | Christian Grothoff | Category | merchant frontend (donations) => Merchant frontends (Python3) |
