#257 closed defect (fixed)
Crash when disconnecting from partially-connected SSL jabber account
Reported by: | Kena | Owned by: | |
---|---|---|---|
Priority: | normal | Milestone: | 1.2 |
Component: | BitlBee | Version: | 1.1dev |
Keywords: | Cc: | ||
IRC client+version: | Client-independent | Operating System: | Other |
OS version/distro: | SunOS+libevent+gnutls |
Description
Program received signal SIGSEGV, Segmentation fault. 0xff1427f0 in gnutls_certificate_free_keys () from /usr/local/lib/libgnutls.so.13 (gdb) bt #0 0xff1427f0 in gnutls_certificate_free_keys () from /usr/local/lib/libgnutls.so.13 #1 0xff142b84 in gnutls_certificate_free_credentials () from /usr/local/lib/libgnutls.so.13 #2 0x0003e738 in ssl_disconnect (conn_=0x62dd8) at ssl_gnutls.c:218 #3 0x00030e7c in jabber_close (gc=0x64118) at jabber.c:205 #4 0x00029f4c in signoff (gc=0x64118) at nogaim.c:293 #5 0x00015828 in account_off (irc=0x59388, a=0x5fb78) at account.c:226 #6 0x00023394 in cmd_account (irc=0x59388, cmd=0xffbfec78) at root_commands.c:341 #7 0x000226a4 in root_command (irc=0x59388, cmd=0xffbfec78) at root_commands.c:95 #8 0x00022588 in root_command_string (irc=0x59388, u=0x59568, command=0xffbfee9a "account", flags=0) at root_commands.c:77 #9 0x0001d544 in irc_send (irc=0x59388, nick=0x56d98 "root", s=0xffbfee9a "account", flags=0) at irc.c:1034 #10 0x0001f120 in irc_cmd_privmsg (irc=0x59388, cmd=0x60068) at irc_commands.c:265 #11 0x000207cc in irc_exec (irc=0x59388, cmd=0x60068) at irc_commands.c:639 #12 0x0001ace0 in irc_process (irc=0x59388) at irc.c:354 #13 0x0001604c in bitlbee_io_current_client_read (data=0x59388, fd=12, cond=GAIM_INPUT_READ) at bitlbee.c:204 #14 0x00036b34 in b_event_passthrough (fd=12, event=2, data=0x59418) at events_libevent.c:112 #15 0xff245cf4 in event_process_active () from /usr/local/lib/libevent-1.2a.so.1 #16 0xff2461a4 in event_base_loop () from /usr/local/lib/libevent-1.2a.so.1 #17 0xff245e68 in event_loop () from /usr/local/lib/libevent-1.2a.so.1 #18 0xff245d28 in event_dispatch () from /usr/local/lib/libevent-1.2a.so.1 #19 0x00036a00 in b_main_run () at events_libevent.c:71 #20 0x00028a38 in main (argc=3, argv=0xffbff764, envp=0xffbff774) at unix.c:117 (gdb) up #1 0xff142b84 in gnutls_certificate_free_credentials () from /usr/local/lib/libgnutls.so.13 (gdb) #2 0x0003e738 in ssl_disconnect (conn_=0x62dd8) at ssl_gnutls.c:218 218 gnutls_certificate_free_credentials( conn->xcred ); (gdb) print *conn $1 = {func = 0x2d49c <jabber_connected_ssl>, data = 0x64118, fd = 15, established = 0, inpa = -1, session = 0x0, xcred = 0x0}
Looks like gnutls_certificate_free_credentials should not be called if xcred is NULL.
Or maybe it should not be NULL in the first place?
Attachments (0)
Change History (7)
comment:1 Changed at 2007-02-26T11:45:08Z by
comment:2 Changed at 2007-02-26T11:48:03Z by
Note: this happened when doing "account off" after "account on", before authentication takes place.
comment:3 Changed at 2007-04-11T14:15:14Z by
valgrind log for very alike bug
==19501== Invalid read of size 4 ==19501== at 0x806A082: jabber_connected_plain (io.c:246) ==19501== by 0x80A1456: s5_canread_again (proxy.c:351) ==19501== by 0x809D7D2: gaim_io_invoke (events_glib.c:84) ==19501== by 0x408052B: (within /usr/lib/libglib-2.0.so.0.1000.3) ==19501== by 0x40598D5: g_main_context_dispatch (in /usr/lib/libglib-2.0.so.0.1000.3) ==19501== by 0x405C995: (within /usr/lib/libglib-2.0.so.0.1000.3) ==19501== by 0x405CCB7: g_main_loop_run (in /usr/lib/libglib-2.0.so.0.1000.3) ==19501== by 0x809D75F: b_main_run (events_glib.c:63) ==19501== by 0x80612DB: main (unix.c:117) ==19501== Address 0x44B83CC is 268 bytes inside a block of size 276 free'd ==19501== at 0x401CFCF: free (vg_replace_malloc.c:235) ==19501== by 0x4060EEB: g_free (in /usr/lib/libglib-2.0.so.0.1000.3) ==19501== by 0x8061F0D: imc_free (nogaim.c:182) ==19501== by 0x806265B: imc_logout (nogaim.c:357) ==19501== by 0x8053073: account_off (account.c:226) ==19501== by 0x805D102: cmd_account (root_commands.c:344) ==19501== by 0x805C7A8: root_command (root_commands.c:95) ==19501== by 0x805C709: root_command_string (root_commands.c:77) ==19501== by 0x80591C1: irc_send (irc.c:1034) ==19501== by 0x805A49E: irc_cmd_privmsg (irc_commands.c:265) ==19501== by 0x805B571: irc_exec (irc_commands.c:639) ==19501== by 0x805739A: irc_process (irc.c:354)
comment:4 Changed at 2007-04-19T15:05:24Z by
seems, that's because I use socks5 proxy and bitlbee does not remove socks5 events from event list while account off
, not sure, but seems so.
comment:5 Changed at 2007-04-29T20:34:37Z by
#0 0x0805ec5f in set_find (head=0x150078, key=0x80af040 "strip_html") at set.c:64 #1 0x0805ecab in set_getstr (head=0x150078, key=0x80af040 "strip_html") at set.c:78 #2 0x08067f0d in serv_got_crap (ic=0x80de2d0, format=0x80af078 "Error: %s") at nogaim.c:188 #3 0x080680d3 in imcb_error (ic=0x80de2d0, format=0x80b0c24 "Could not connect to server") at nogaim.c:233 #4 0x0806fdc8 in jabber_connected_plain (data=0x80de2d0, source=-1, cond=GAIM_INPUT_READ) at io.c:244 #5 0x08066093 in s5_canread_again (data=0x80de0d8, source=7, cond=GAIM_INPUT_READ) at proxy.c:351 #6 0x0806240f in gaim_io_invoke (source=0x80dd1a0, condition=G_IO_IN, data=0x80dd488) at events_glib.c:84 #7 0xb7ee752c in g_vasprintf () from /usr/lib/libglib-2.0.so.0 #8 0xb7ec08d6 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0 #9 0xb7ec3996 in g_main_context_check () from /usr/lib/libglib-2.0.so.0 #10 0xb7ec3cb8 in g_main_loop_run () from /usr/lib/libglib-2.0.so.0 #11 0x0806239c in b_main_run () at events_glib.c:63 #12 0x08061444 in main (argc=1, argv=0xbff4f084, envp=0xbff4f08c) at unix.c:117
comment:6 Changed at 2007-12-12T23:37:09Z by
Milestone: | → 1.2 |
---|
comment:7 Changed at 2007-12-13T00:01:54Z by
Resolution: | → fixed |
---|---|
Status: | new → closed |
Fixed. darkk, I think your problem is similar to #231 so I'll hopefully fix that issue in there. The valgrind info you paste looks like you're right about the cause of this crash.
Sorry for the formatting...
Looks like gnutls_certificate_free_credentials should not be called if xcred is NULL.
Or maybe it should not be NULL in the first place?