[BusyBox] httpd segfault
Pete Flugstad
peteflugstad at mchsi.com
Sun Dec 14 22:13:00 UTC 2003
Hello,
I'm running into a segfault with httpd. I tracked this down to the
config->referer handling.
Specifically, if a request comes in that has a referrer in it, then
config->referer is strdup'd to create a new string representing that
value, in handleIncoming. Later when handleIncoming is done, this
buffer is freed, but the config->referer pointer is NOT zero'd.
If another request comes in after that, without a referer line, then
the old config->referer pointer is free'd again, probably causing a
segfault (at least it does on my system).
The solution is to simply zero the config->referer pointer at the
bottom of the handleIncoming function.
Pete Flugstad
PS: caught this with ElectricFence - all hail Electric Fence!!!
More information about the busybox
mailing list