dotiao / rfc5766-turn-server

Automatically exported from code.google.com/p/rfc5766-turn-server

Segmentation fault. on tcp relay #81

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
I found a SEGV in the TCP relay (turnserver-3.1.1.0).

Shouldn't it check whether ss is not null before ss->enforce_fingerprints?

The following is the gdb console log.
(gdb) c
Continuing.

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fe008965700 (LWP 20409)]
0x00007fe00faec6e5 in turnserver_accept_tcp_client_data_connection 
(server=0x7fe000012340, tcid=<optimized out>, tid=<optimized out>, 
s=0x7fdffc012ea0, message_integrity=<optimized out>)
    at src/server/ns_turn_server.c:1952
1952                    if ((server->fingerprint) || ss->enforce_fingerprints) {
(gdb) bt
#0  0x00007fe00faec6e5 in turnserver_accept_tcp_client_data_connection 
(server=0x7fe000012340, tcid=<optimized out>, tid=<optimized out>, 
s=0x7fdffc012ea0, message_integrity=<optimized out>)
    at src/server/ns_turn_server.c:1952
#1  0x00007fe00facbc0a in handle_relay_message (sm=0x7fe008964ca0, 
rs=0x7fe00fdae230) at src/apps/relay/netengine.c:414
#2  relay_receive_message (bev=<optimized out>, ptr=0x7fe00fdae230) at 
src/apps/relay/netengine.c:472
#3  0x00007fe00f0490a3 in ?? () from /usr/lib/libevent_core-2.0.so.5
#4  0x00007fe00f03f7f7 in event_base_loop () from 
/usr/lib/libevent_core-2.0.so.5
#5  0x00007fe00facbe6e in run_events (eb=0x7fe0000008f0) at 
src/apps/relay/netengine.c:1104
#6  0x00007fe00facbed1 in run_general_relay_thread (arg=0x7fe00fdae230) at 
src/apps/relay/netengine.c:1209
#7  0x00007fe00e099e9a in start_thread () from 
/lib/x86_64-linux-gnu/libpthread.so.0
#8  0x00007fe00ddc63fd in clone () from /lib/x86_64-linux-gnu/libc.so.6
#9  0x0000000000000000 in ?? ()

(gdb) p ss
$1 = (ts_ur_super_session *) 0x0

Original issue reported on code.google.com by kazuh...@gmail.com on 10 Dec 2013 at 1:26
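As an added illustration of the defect in this trace (example code, not the project's own; the struct layouts, `find_session`, `demo_bind` and the result codes are hypothetical stand-ins, only `fingerprint` and `enforce_fingerprints` come from the report), the unchecked read of `ss` is shown beside a form that rejects the connection when the session lookup yields NULL:

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical minimal stand-ins for the turnserver structs (constructed
   for this example; only the two fields named in the trace are modelled). */
typedef struct { int fingerprint; } turn_server;
typedef struct { uint32_t tcid; int enforce_fingerprints; } ts_ur_super_session;

enum { ACCEPT_REJECTED = -1, ACCEPT_PLAIN = 0, ACCEPT_WITH_FINGERPRINT = 1 };

/* Look up the super-session that owns a TCP connection id; NULL when the
   allocation is gone or the id was never issued (the state behind the crash). */
ts_ur_super_session *find_session(ts_ur_super_session **table, size_t n, uint32_t tcid)
{
    for (size_t i = 0; i < n; i++)
        if (table[i] && table[i]->tcid == tcid)
            return table[i];
    return NULL;
}

/* Unfixed logic, as at ns_turn_server.c:1952 in the report: ss is read
   unconditionally, so a NULL lookup result is a null-pointer dereference. */
int accept_data_connection_unfixed(const turn_server *server, const ts_ur_super_session *ss)
{
    if ((server->fingerprint) || ss->enforce_fingerprints)
        return ACCEPT_WITH_FINGERPRINT;
    return ACCEPT_PLAIN;
}

/* Hardened logic: a missing session is rejected before any field is read. */
int accept_data_connection_fixed(const turn_server *server, const ts_ur_super_session *ss)
{
    if (ss == NULL)
        return ACCEPT_REJECTED;
    if ((server->fingerprint) || ss->enforce_fingerprints)
        return ACCEPT_WITH_FINGERPRINT;
    return ACCEPT_PLAIN;
}

/* Constructed scenario: two live sessions, then a data-connection bind for
   a known id and for an id that no session owns. */
int demo_bind(uint32_t tcid, int server_fp)
{
    turn_server srv = { server_fp };
    ts_ur_super_session a = { 0x1001, 1 }, b = { 0x1002, 0 };
    ts_ur_super_session *table[] = { &a, &b };
    return accept_data_connection_fixed(&srv, find_session(table, 2, tcid));
}
```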

GoogleCodeExporter commented 9 years ago
Thanks for reporting. I'll fix it in 3.1.1.1.

Original comment by mom040...@gmail.com on 10 Dec 2013 at 1:32

GoogleCodeExporter commented 9 years ago
The fix can be taken from SVN, for now. Later it will be included into a 
subsequent release.

Original comment by mom040...@gmail.com on 10 Dec 2013 at 1:35

GoogleCodeExporter commented 9 years ago
Fixed in 3.1.2.1

Original comment by mom040...@gmail.com on 10 Dec 2013 at 9:07

GoogleCodeExporter commented 9 years ago

Original comment by mom040...@gmail.com on 10 Dec 2013 at 9:08