SEGV in second or third time access #1

Closed
serihiro opened this Issue Sep 24, 2016 · 4 comments

serihiro commented Sep 24, 2016

SEGV occurs accidentally.

e.g.

1. run kagou
2. access from browser -> success
3. access from browser -> SEGV

But sometimes SEGV does not occur on the second or later access.
Maybe the kagou source code has some bad memory access...

@serihiro serihiro added the bug label Sep 24, 2016


serihiro commented Sep 24, 2016

As a result of my persistent print debugging, create_html_message causes the SEGV. I'll keep doing some research.

    Breakpoint 1, create_html_message (ret=0x7fff5fb04390 "", response=...) at src/request_handler.c:96
    96          strcat(ret, response.response_status);
    (gdb)
    Continuing.

    Program received signal SIGSEGV, Segmentation fault.

serihiro commented Sep 24, 2016

6 times in loop

    99          for(int i = 0; i < (int)sizeof(response.header_values); i++){
    (gdb)
    100             if(response.header_values[i].key == NULL)
    (gdb)
    102             strcat(ret, response.header_values[i].key);
    (gdb)

    Program received signal SIGSEGV, Segmentation fault.
    0x00007fff9093c132 in strlen () from /usr/lib/system/libsystem_c.dylib

serihiro commented Sep 24, 2016

Somehow, when the process accesses response.header_values[i].key whose value is NULL, the process gets a SEGV.

With a fix to the loop condition like this, the SEGV does not occur.

    for(int i = 0; i < 6; i++){

serihiro commented Sep 24, 2016

Finally, I initialized request_header_values and response_header_values with NULL.
Maybe memset does not ensure initialization with NULL. So it's safer to assign NULL manually.

    for(int i = 0; i < 10; i++){
        request_header_values[i].key = NULL;
        request_header_values[i].value = NULL;
        response_header_values[i].key = NULL;
        response_header_values[i].value = NULL;
    }
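
An added example, not code from the kagou repository or its author: the loop in the gdb listing above is bounded by `sizeof(response.header_values)`, and in C `sizeof` yields a size in bytes, not an element count. The sketch below contrasts the two bounds and builds the message with a length-checked append in place of `strcat`; the struct layouts, the array size of 10 and all function names are assumptions.

```c
#include <stdio.h>
#include <string.h>

#define MAX_HEADERS 10 /* assumed from the i < 10 loop in the thread */
#define ARRAY_LEN(a) (sizeof(a) / sizeof((a)[0]))

/* Hypothetical layouts; only the field names appear in the issue. */
typedef struct { const char *key; const char *value; } header_kv;
typedef struct {
    const char *response_status;
    header_kv header_values[MAX_HEADERS];
} http_response;

/* Bound used in the gdb listing: sizeof(array) is a byte count. */
size_t byte_bound(const http_response *r) { return sizeof(r->header_values); }
/* Element count: the bound that keeps i inside the array. */
size_t element_bound(const http_response *r) { return ARRAY_LEN(r->header_values); }

/* Length-checked replacement for strcat: -1 if src does not fit in dst. */
static int append(char *dst, size_t cap, const char *src) {
    size_t used = strlen(dst), need = strlen(src);
    if (need >= cap - used) return -1;
    memcpy(dst + used, src, need + 1);
    return 0;
}

/* Writes status line and headers; stops at the first unset slot or array end. */
int build_message(char *ret, size_t cap, const http_response *r) {
    if (cap == 0 || r->response_status == NULL) return -1;
    ret[0] = '\0';
    if (append(ret, cap, r->response_status) || append(ret, cap, "\r\n")) return -1;
    for (size_t i = 0; i < ARRAY_LEN(r->header_values); i++) {
        const header_kv *h = &r->header_values[i];
        if (h->key == NULL || h->value == NULL) break;
        if (append(ret, cap, h->key) || append(ret, cap, ": ") ||
            append(ret, cap, h->value) || append(ret, cap, "\r\n")) return -1;
    }
    return 0;
}

int main(void) {
    /* Constructed sample response; unset slots are zero-initialized to NULL. */
    http_response r = { "HTTP/1.1 200 OK", { { "Content-Type", "text/html" } } };
    char buf[128];
    printf("byte bound %zu, element bound %zu\n", byte_bound(&r), element_bound(&r));
    if (build_message(buf, sizeof buf, &r) == 0) fputs(buf, stdout);
    return 0;
}
```
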