View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0004110 | Taler | mechant backend | public | 2015-12-25 15:44 | 2016-09-26 14:01 |
| Reporter | Florian Dold | Assigned To | Marcello Stanisci | ||
| Priority | urgent | Severity | major | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Target Version | 0.0 | Fixed in Version | 0.0 | ||
| Summary | 0004110: invalid memory access on /contract | ||||
| Description | While the program doesn't crash, there is still an invalid memory access. | ||||
| Steps To Reproduce | Dec 25 15:41:58-108673 taler-merchant-httpd-3356 DEBUG Handling request for URL `/contract' ==3356== Invalid read of size 8 ==3356== at 0x606A7B9: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606A868: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606F668: json_delete (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x406C7B: json_decref (jansson.h:112) ==3356== by 0x407259: TMH_RESPONSE_reply_json_pack (taler-merchant-httpd_responses.c:157) ==3356== by 0x409963: MH_handler_contract (taler-merchant-httpd_contract.c:120) ==3356== by 0x402B35: url_handler (taler-merchant-httpd.c:210) ==3356== by 0x5B1F371: call_connection_handler (connection.c:1585) ==3356== by 0x5B2039B: MHD_connection_handle_idle (connection.c:2624) ==3356== by 0x5B25BC9: MHD_run_from_select (daemon.c:2297) ==3356== by 0x5B25F42: MHD_select (daemon.c:2440) ==3356== by 0x5B259EA: MHD_run (daemon.c:2971) ==3356== Address 0xc2c0b38 is 8 bytes inside a block of size 32 free'd ==3356== at 0x4C29D2A: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==3356== by 0x606A7D4: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606A868: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606F668: json_delete (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606A7D4: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606A868: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606F668: json_delete (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x406C7B: json_decref (jansson.h:112) ==3356== by 0x407259: TMH_RESPONSE_reply_json_pack (taler-merchant-httpd_responses.c:157) ==3356== by 0x409963: MH_handler_contract (taler-merchant-httpd_contract.c:120) ==3356== by 0x402B35: url_handler (taler-merchant-httpd.c:210) ==3356== by 0x5B1F371: call_connection_handler (connection.c:1585) ==3356== Block was alloc'd at ==3356== at 0x4C28C10: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==3356== by 0x606ED99: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606BF14: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606BFF7: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606BFF7: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606C3ED: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606C6A5: json_loadb (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x4044D2: TMH_PARSE_post_json (taler-merchant-httpd_parsing.c:336) ==3356== by 0x4096C8: MH_handler_contract (taler-merchant-httpd_contract.c:62) ==3356== by 0x402B35: url_handler (taler-merchant-httpd.c:210) ==3356== by 0x5B1F371: call_connection_handler (connection.c:1585) ==3356== by 0x5B2039B: MHD_connection_handle_idle (connection.c:2624) ==3356== ==3356== Invalid write of size 8 ==3356== at 0x606A7CA: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606A868: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606F668: json_delete (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x406C7B: json_decref (jansson.h:112) ==3356== by 0x407259: TMH_RESPONSE_reply_json_pack (taler-merchant-httpd_responses.c:157) ==3356== by 0x409963: MH_handler_contract (taler-merchant-httpd_contract.c:120) ==3356== by 0x402B35: url_handler (taler-merchant-httpd.c:210) ==3356== by 0x5B1F371: call_connection_handler (connection.c:1585) ==3356== by 0x5B2039B: MHD_connection_handle_idle (connection.c:2624) ==3356== by 0x5B25BC9: MHD_run_from_select (daemon.c:2297) ==3356== by 0x5B25F42: MHD_select (daemon.c:2440) ==3356== by 0x5B259EA: MHD_run (daemon.c:2971) ==3356== Address 0xc2c0b38 is 8 bytes inside a block of size 32 free'd ==3356== at 0x4C29D2A: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==3356== by 0x606A7D4: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606A868: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606F668: json_delete (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606A7D4: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606A868: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606F668: json_delete (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x406C7B: json_decref (jansson.h:112) ==3356== by 0x407259: TMH_RESPONSE_reply_json_pack (taler-merchant-httpd_responses.c:157) ==3356== by 0x409963: MH_handler_contract (taler-merchant-httpd_contract.c:120) ==3356== by 0x402B35: url_handler (taler-merchant-httpd.c:210) ==3356== by 0x5B1F371: call_connection_handler (connection.c:1585) ==3356== Block was alloc'd at ==3356== at 0x4C28C10: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==3356== by 0x606ED99: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606BF14: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606BFF7: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606BFF7: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606C3ED: ??? (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x606C6A5: json_loadb (in /usr/lib/libjansson.so.4.7.0) ==3356== by 0x4044D2: TMH_PARSE_post_json (taler-merchant-httpd_parsing.c:336) ==3356== by 0x4096C8: MH_handler_contract (taler-merchant-httpd_contract.c:62) ==3356== by 0x402B35: url_handler (taler-merchant-httpd.c:210) ==3356== by 0x5B1F371: call_connection_handler (connection.c:1585) ==3356== by 0x5B2039B: MHD_connection_handle_idle (connection.c:2624) ==3356== | ||||
| Tags | No tags attached. | ||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2015-12-25 15:44 | Florian Dold | New Issue | |
| 2015-12-25 15:44 | Florian Dold | Status | new => assigned |
| 2015-12-25 15:44 | Florian Dold | Assigned To | => Marcello Stanisci |
| 2015-12-25 16:08 | Florian Dold | Status | assigned => resolved |
| 2015-12-25 16:08 | Florian Dold | Resolution | open => fixed |
| 2016-01-02 12:17 | Christian Grothoff | Status | resolved => closed |
| 2016-09-26 14:00 | Christian Grothoff | Fixed in Version | => 0.0 |
| 2016-09-26 14:01 | Christian Grothoff | Target Version | => 0.0 |
