7314601f9d
k0ga reports: Hello, While I was setting my pppoe conexion with my ISP I discovered several problems in ip/pppoe. I used the command line ip/pppoe -A '' ether0 and I got this: ... dropping unwanted pkt: wrong ac name panic: D2B called on non-block dc10 (double-free?) note rcved: sys: trap: fault read addr=0x0 pc=0x000066e1 pppoe 1013: suicide: sys: trap: fault read addr=0x0 pc=0x000066e1 cpu% acid 1013 /proc/1013/text:386 plan 9 executable /sys/lib/acid/port /sys/lib/acid/386 acid: stk() abort()+0x0 /sys/src/libc/9sys/abort.c:6 ppanic(p=0xd1b8,fmt=0xc7f9)+0x146 /sys/src/libc/port/malloc.c:166 D2B(p=0xd1b8,v=0xdc10)+0x57 /sys/src/libc/port/pool.c:926 poolfreel(v=0xdc10,p=0xd1b8)+0x20 /sys/src/libc/port/pool.c:1152 poolfree(p=0xd1b8,v=0xdc10)+0x3b /sys/src/libc/port/pool.c:1287 free(v=0xdc18)+0x23 /sys/src/libc/port/malloc.c:250 clearstate()+0x1b /sys/src/cmd/ip/pppoe.c:328 pppoe(ether=0xdfffefc1)+0x123 /sys/src/cmd/ip/pppoe.c:426 main(argv=0xdfffefa0,argc=0x1)+0x89 /sys/src/cmd/ip/pppoe.c:100 _main+0x31 /sys/src/libc/386/main9.s:16 acid: clearstate() is called in pppoe.c:424, and it frees acname and sets it to nil. pktread() is called in pppoe.c:434 with parameter wantoffer, which frees acname again in line pppoe.c:360 but doesn't set it to nil, so clearstate() makes a double free in the next iteration. |
||
|---|---|---|
| .. | ||
| 9 | ||
| ape | ||
| boot | ||
| cmd | ||
| games | ||
| lib9p | ||
| libaml | ||
| libauth | ||
| libauthsrv | ||
| libavl | ||
| libbin | ||
| libbio | ||
| libc | ||
| libcomplete | ||
| libcontrol | ||
| libdisk | ||
| libdraw | ||
| libfis | ||
| libflate | ||
| libframe | ||
| libgeometry | ||
| libhtml | ||
| libhttpd | ||
| libip | ||
| libjson | ||
| liblex | ||
| libmach | ||
| libmemdraw | ||
| libmemlayer | ||
| libmp | ||
| libndb | ||
| liboventi | ||
| libplumb | ||
| libregexp | ||
| libscribble | ||
| libsec | ||
| libstdio | ||
| libString | ||
| libsunrpc | ||
| libthread | ||
| libventi | ||
| mkfile | ||
| mkfile.proto | ||
| NOTICE | ||