Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

connectd: fix crash on freed context for new connections. #6070

Merged
merged 1 commit into from
Mar 6, 2023
Merged

connectd: fix crash on freed context for new connections. #6070

merged 1 commit into from
Mar 6, 2023

Conversation

rustyrussell
Copy link
Contributor

ccan/io stores the context pointer for io_new_conn, but we were using daemon->listeners which we reallocate, so it can use a stale pointer.

0x3e1700 call_error
	ccan/ccan/tal/tal.c:93
0x3e1700 check_bounds
	ccan/ccan/tal/tal.c:165
0x3e1700 to_tal_hdr
	ccan/ccan/tal/tal.c:174
0x3e1211 to_tal_hdr_or_null
	ccan/ccan/tal/tal.c:186
0x3e1211 tal_alloc_
	ccan/ccan/tal/tal.c:426
0x3db8f4 io_new_conn_
	ccan/ccan/io/io.c:91
0x3dd2e1 accept_conn
	ccan/ccan/io/poll.c:277
0x3dd2e1 io_loop
	ccan/ccan/io/poll.c:444
0x3419fa main
	connectd/connectd.c:2081

Fixes: #6060

@rustyrussell
connectd: fix crash on freed context for new connections.
f150277 
ccan/io stores the context pointer for io_new_conn, but we were using
`daemon->listeners` which we reallocate, so it can use a stale pointer.

```
0x3e1700 call_error
	ccan/ccan/tal/tal.c:93
0x3e1700 check_bounds
	ccan/ccan/tal/tal.c:165
0x3e1700 to_tal_hdr
	ccan/ccan/tal/tal.c:174
0x3e1211 to_tal_hdr_or_null
	ccan/ccan/tal/tal.c:186
0x3e1211 tal_alloc_
	ccan/ccan/tal/tal.c:426
0x3db8f4 io_new_conn_
	ccan/ccan/io/io.c:91
0x3dd2e1 accept_conn
	ccan/ccan/io/poll.c:277
0x3dd2e1 io_loop
	ccan/ccan/io/poll.c:444
0x3419fa main
	connectd/connectd.c:2081
```

Fixes: ElementsProject#6060
Signed-off-by: Rusty Russell <[email protected]>
@rustyrussell rustyrussell modified the milestones: v23.02, v23.02.1 Mar 6, 2023
vincenzopalazzo
vincenzopalazzo approved these changes Mar 6, 2023
View reviewed changes
Copy link
Collaborator

@vincenzopalazzo vincenzopalazzo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK f150277

@denis2342 denis2342 mentioned this pull request Mar 6, 2023
Closed
@endothermicdev
Copy link
Collaborator

ACK f150277

@endothermicdev endothermicdev merged commit b5c6140 into ElementsProject:master Mar 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vincenzopalazzo vincenzopalazzo vincenzopalazzo approved these changes

Assignees
No one assigned
Labels
crash
Projects
None yet
Milestone
v23.02.1
Development

Successfully merging this pull request may close these issues.

v23.02 crashes at start on freebsd
3 participants
@rustyrussell @endothermicdev @vincenzopalazzo