On Wed, Aug 20, 2014 at 05:44:28PM +1200, Nic Cave-Lynch wrote:
> Hi People,
>
> I've been trying to find a segfault in a custom protocol I've been writing. I've finally tracked it down to a situation where the bgp protocol, in bgp_rte_update, is calling rte_get_temp but not setting ->next to null, leaving it at whatever was left in RAM when the memory was allocated. Later, I see it's not null and try to access the ->next and eventually trigger a segfault.

Generally, rte->next should be set by rte_recalculate() when it is inserted into the routing table and should not be accessed before that. If this causes a crash for you, it is probably some other problem in the update path. What are the circumstances when your code accessed the rte->next value? Was it called regularly from rte_announce()?

-- 
Elen sila lumenn' omentielvo

Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
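
Added example, not part of the thread and not BIRD source: a simplified model of the lifecycle described in the reply, where a temporary route's ->next only becomes meaningful once table insertion sets it. The pool allocator, `struct route` and every function name below are assumptions made for illustration.

```c
#include <stddef.h>

/* Simplified model; every name here is hypothetical, none is BIRD source. */
struct route { struct route *next; int metric; };

#define POOL_SIZE 4
static struct route pool[POOL_SIZE];
static struct route *free_slots[POOL_SIZE];
static int free_top;

static void pool_reset(void) {
    free_top = 0;
    for (int i = 0; i < POOL_SIZE; i++) free_slots[free_top++] = &pool[i];
}

/* Temp allocator: hands back a recycled slot and does not clear ->next. */
static struct route *route_get_temp(int metric) {
    if (free_top == 0) return NULL;
    struct route *r = free_slots[--free_top];
    r->metric = metric;
    return r;
}

static void route_free(struct route *r) { free_slots[free_top++] = r; }

/* Table insertion is the only step that gives ->next a meaning. */
static void table_insert(struct route **head, struct route *r) {
    r->next = *head;
    *head = r;
}

static int chain_len(const struct route *r) {
    int n = 0;
    for (; r != NULL; r = r->next) n++;
    return n;
}

/* Walk a recycled temp route before (insert == 0) or after (insert == 1)
 * it is inserted into a new, empty table; returns the chain length seen. */
int recycled_route_chain_len(int insert) {
    struct route *old_table = NULL, *new_table = NULL;
    pool_reset();
    struct route *a = route_get_temp(10), *b = route_get_temp(20);
    table_insert(&old_table, a);
    table_insert(&old_table, b);          /* b->next == a */
    old_table = b->next;                  /* unlink b ... */
    route_free(b);                        /* ... and return its slot */
    struct route *t = route_get_temp(30); /* reuses b's slot, ->next still a */
    if (insert) table_insert(&new_table, t);
    return chain_len(t);
}
```

Walking the recycled route before insertion follows the stale pointer into a route that belongs to another list; after insertion into an empty table the chain ends where it should.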