[FS#994] dnsmasq repeatedly crashes due to invalid write access
LEDE Bugs
lede-bugs at lists.infradead.org
Fri Sep 1 06:44:22 PDT 2017
A new Flyspray task has been opened. Details are below.
User who did this - Marcin Jurkowski (marcin1j)
Attached to Project - LEDE Project
Summary - dnsmasq repeatedly crashes due to invalid write access
Task Type - Bug Report
Category - Base system
Status - Unconfirmed
Assigned To -
Operating System - All
Severity - High
Priority - Very Low
Reported Version - Trunk
Due in Version - Undecided
Due Date - Undecided
Details - This happens repeatedly on ramips target (Nexx WT3020) with dnsmasq version 2.77-9:
do_page_fault(): sending SIGSEGV to dnsmasq for invalid write access to 009d5000
epc = 7766aae4 in libc.so[775f8000+92000]
ra = 00406e05 in dnsmasq[400000+21000]
Return address 0x00406e05 corresponds to line 1231 in src/rfc1035.c:
1231 if (ntohs(header->ancount) != 0 ||
1232 ntohs(header->nscount) != 0 ||
1233 ntohs(header->qdcount) == 0 ||
1234 OPCODE(header) != QUERY )
1235 return 0;
It's impossible to identify line number for program counter 0x7766aae4 (EPC seems invalid) however the only MUSL function called is ntohs:
uint16_t ntohs(uint16_t n)
{
union { int i; char c; } u = { 1 };
return u.c ? bswap_16(n) : n;
}
This issue has been reported in bug #251.
Is it a bug in dnsmasq itself, gcc, MUSL or some linking issue?
More information can be found at the following URL:
https://bugs.lede-project.org/index.php?do=details&task_id=994
More information about the lede-bugs
mailing list