[PATCH] dhcp: Fixed Crash on Switching Network

Saurav Babu Wed, 06 Aug 2014 02:00:07 -0700

Sometimes while switching network dhcp_initialize() fails because
interface is not up and hence dhcp->dhcp_client remains NULL. Here we
don't check return type of dhcp_initialize() and go on to call function
g_dhcp_client_start() and crash occurs.
Below trace is obtained when connman crashes:
connmand[19034]: Aborting (signal 11) [/usr/local/sbin/connmand]
connmand[19034]: ++++++++ backtrace ++++++++
connmand[19034]: #0  0xb7630f38 in /lib/i386-linux-gnu/libpthread.so.0
connmand[19034]: #1  0x8055a22 in debug() at client.c:0
connmand[19034]: #2  0x8058837 in g_dhcp_client_start() at polkit.c:0
connmand[19034]: #3  0x80a4772 in __connman_dhcp_start() at polkit.c:0
connmand[19034]: #4  0x8082a80 in set_connected.part.8() at network.c:0
connmand[19034]: #5  0x8082f7f in connman_network_set_connected() at
??:0
connmand[19034]: #6  0x805f921 in eth_network_connect() at ethernet.c:0
connmand[19034]: #7  0x8082dc3 in __connman_network_connect() at
polkit.c:0
connmand[19034]: #8  0x808e7e4 in __connman_service_connect() at
polkit.c:0
connmand[19034]: #9  0x808eef0 in auto_connect_service() at service.c:0
connmand[19034]: #10 0x808efde in run_auto_connect() at service.c:0
connmand[19034]: #11 0xb76cea3f in /lib/i386-linux-gnu/libglib-2.0.so.0
connmand[19034]: #12 0xb76cdd46 in /lib/i386-linux-gnu/libglib-2.0.so.0
connmand[19034]: #13 0xb76ce0e5 in /lib/i386-linux-gnu/libglib-2.0.so.0
connmand[19034]: #14 0xb76ce52b in /lib/i386-linux-gnu/libglib-2.0.so.0
connmand[19034]: #15 0x80544cd in main() at polkit.c:0
connmand[19034]: #16 0xb739b4d3 in /lib/i386-linux-gnu/libc.so.6
connmand[19034]: +++++++++++++++++++++++++++
---
 src/dhcp.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)


diff --git a/src/dhcp.c b/src/dhcp.c
index d714f99..3e6ca3b 100644
--- a/src/dhcp.c
+++ b/src/dhcp.c
@@ -590,6 +590,7 @@ int __connman_dhcp_start(struct connman_ipconfig *ipconfig,
 {
        const char *last_addr = NULL;
        struct connman_dhcp *dhcp;
+       int err;
 
        DBG("");
 
@@ -618,9 +619,15 @@ int __connman_dhcp_start(struct connman_ipconfig *ipconfig,
                        connman_network_ref(network);
                }
 
-               g_hash_table_insert(ipconfig_table, ipconfig, dhcp);
+               err = dhcp_initialize(dhcp);
 
-               dhcp_initialize(dhcp);
+               if(err < 0) {
+                       connman_network_unref(network);
+                       g_free(dhcp);
+                       return err;
+               }
+
+               g_hash_table_insert(ipconfig_table, ipconfig, dhcp);
        }
 
        dhcp->callback = callback;
-- 
1.9.1


Incorporated Patrik's Comments

Thanks,
Saurav
_______________________________________________
connman mailing list
[email protected]
https://lists.connman.net/mailman/listinfo/connman

[PATCH] dhcp: Fixed Crash on Switching Network

Reply via email to