Uploaded image for project: 'Connection Manager'
  1. Connection Manager
  2. CM-693

Segfault when string2state() in iwd.c is passed a null pointer

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: New
    • Priority: P3
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: ConnMan Core
    • Labels:
      None

      Description

      With the latest IWD 0.9, connman somehow ends up getting a null pointer. The crash is in string2state() in iwd.c

      I was able to fix this issue by patching connman so it doesn't try and use strcmp() on a null string. The patch is attached. I have also attached a gdb backtrace.

      I have checked and it doesn't segfault in IWD 0.7, and may or may not segfault with IWD 0.8. While IWD may or may not be doing something wrong here, I believe this still needs to be fixed in connman, and possibly show a warning in the connman output if desired (as my patch does).

      With the patch applied, connman works normally, and I only get a single warning that string2state() was passed a null string toward the very beginning of connmand starting (it doesn't seem to ever happen at any other time).

       

      Edit: Looking into it, you use g_strcmp0 in other places in iwd.c and the documentation states it handles NULL strings gracefully. So it would likely be advantageous to change all uses of strcmp to g_strcmp0 to avoid other potential segfaults.

        Attachments

        Gerrit Reviews Web Panel

        Error rendering 'com.meetme.plugins.jira.gerrit-plugin:gerritreviewsmodule'. Please contact your Jira administrators.

          Activity

            People

            • Assignee:
              pflykt Flykt Patrik
              Reporter:
              samcv McVey Samantha
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: