Package: xorp
Version: 1.8.6~wip.20160715-2
Severity: important
Tags: patch
Dear Maintainer,
The xorp initialization process was generating segfaults in
libxorp_rib.so because of null pointer dereferences. After some
research, it seems that this was a latent bug that was exposed by an
optimizer improvement included in gcc 6 ("Value range propagation now
assumes that the this pointer of C++ member functions is non-null").
The attached patch adds some null pointer checks which seem to solve the
problem, at least for a multicast routing deployment.
On the other hand, the patch also changes a line in debian/rules in
order to complete the incorporation of hardened build flags. This is
required because the SCons build system uses the, perhaps somewhat
unusual, LINKFLAGS variable name for the linker flags.
Some limited testing has been performed on a production router. I hope
the patch can be useful.
Regards,
-- System Information:
Debian Release: stretch/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 4.8.0-2-amd64 (SMP w/1 CPU core)
Locale: LANG=es_VE.UTF-8, LC_CTYPE=es_VE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages xorp depends on:
ii adduser 3.115
ii init-system-helpers 1.46
ii libc6 2.24-8
ii libgcc1 1:6.2.1-5
ii libncurses5 6.0+20161126-1
ii libpcap0.8 1.8.1-3
ii libssl1.1 1.1.0c-2
ii libstdc++6 6.2.1-5
ii libsystemd0 232-8
ii libtinfo5 6.0+20161126-1
Versions of packages xorp recommends:
ii iputils-ping 3:20161105-1
ii iputils-tracepath 3:20161105-1
ii traceroute 1:2.1.0-2
xorp suggests no packages.
-- Configuration Files:
/etc/default/xorp changed [not included]
/etc/xorp/config.boot changed [not included]
-- no debconf information
--
Dhionel Díaz
Centro Nacional de Desarrollo e Investigación en Tecnologías Libres
Ministerio del Poder Popular para
Educación Universitaria, Ciencia y Tecnología
diff -Nru xorp-1.8.6~wip.20160715/debian/patches/check_null_pointer xorp-1.8.6~wip.20160715/debian/patches/check_null_pointer --- xorp-1.8.6~wip.20160715/debian/patches/check_null_pointer 1969-12-31 20:00:00.000000000 -0400 +++ xorp-1.8.6~wip.20160715/debian/patches/check_null_pointer 2016-07-23 17:00:43.000000000 -0400 @@ -0,0 +1,36 @@ +Description: Add some null pointer checks to avoid segfaults. + When compiled using gcc 6, the initialization process generates segfaults at + some null pointer dereferences. This problem was probably exposed by the + behaviour of -fdelete-null-pointer-checks in gcc 6. +Author: Dhionel Díaz <[email protected]> +Last-Update: 2017-01-04 +--- +--- a/libxorp/trie.hh ++++ b/libxorp/trie.hh +@@ -623,7 +623,7 @@ + * + */ + iterator lookup_node(const Key & k) const { +- Node *n = _root->find(k); ++ Node *n = (_root) ? _root->find(k) : NULL; + return (n && n->k() == k) ? iterator(n) : end(); + } + +@@ -632,7 +632,7 @@ + * the key passed as parameter. + */ + iterator search_subtree(const Key &key) const { +- return iterator(_root->find_subtree(key), key); ++ return (_root) ? iterator(_root->find_subtree(key), key) : end(); + } + + /** +@@ -648,7 +648,7 @@ + + Key x(key.masked_addr(), key.prefix_len() - 1); + +- return iterator(_root->find(x)); ++ return (_root) ? iterator(_root->find(x)) : end(); + } + + /** diff -Nru xorp-1.8.6~wip.20160715/debian/patches/series xorp-1.8.6~wip.20160715/debian/patches/series --- xorp-1.8.6~wip.20160715/debian/patches/series 2016-07-22 05:47:06.000000000 -0400 +++ xorp-1.8.6~wip.20160715/debian/patches/series 2016-07-23 17:00:43.000000000 -0400 @@ -12,3 +12,4 @@ default_log_output sd_notify_rtrmgr xorp_reproducible +check_null_pointer diff -Nru xorp-1.8.6~wip.20160715/debian/rules xorp-1.8.6~wip.20160715/debian/rules --- xorp-1.8.6~wip.20160715/debian/rules 2016-07-23 15:53:02.000000000 -0400 +++ xorp-1.8.6~wip.20160715/debian/rules 2016-07-23 17:00:43.000000000 -0400 
@@ -46,7 +46,7 @@ enable_systemd=true \ disable_werror=true \ CPPFLAGS="$(CPPFLAGS)" CFLAGS="$(CFLAGS)" \ - CXXFLAGS="$(CXXFLAGS)" LDFLAGS="$(LDFLAGS)" + CXXFLAGS="$(CXXFLAGS)" LINKFLAGS="$(LDFLAGS)" CXXFLAGS += -std=gnu++98
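Review bot: The guards in debian/patches/check_null_pointer cover only three call sites in libxorp/trie.hh (lookup_node, search_subtree and the function in the hunk at line 648), so any other `_root->find(...)` or `_root->find_subtree(...)` use that is not visible in this patch would still dereference a null root. Please confirm that the remaining `_root->` uses in trie.hh were audited, or route them through one small helper that tests `_root` once. In search_subtree the null case now returns `end()` where a populated trie returns `iterator(..., key)`; a short comment stating that callers treat the two the same would help. The DEP-3 header also has no Forwarded or Bug-Debian field, which is worth adding since this is an upstream source fix.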
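Review bot: The debian/rules hunk replaces `LDFLAGS="$(LDFLAGS)"` with `LINKFLAGS="$(LDFLAGS)"`, which is a hardening change unrelated to the null pointer fix and is not mentioned in the patch description; it would be easier to review and to revert as a separate change with its own changelog entry. It would also help to state how the result was verified, for example by checking the build log with blhc or the installed binaries with hardening-check, so that it is clear the linker flags now reach the link step.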
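The failure mode described in the report, as an added example that is not part of the original message or of xorp's code: a lookup on an empty trie is safe only when the null test happens in the caller, before any member function is invoked. The `Node`, `Trie`, `find` and `lookup` names and the 32-bit prefix layout are assumptions made for this illustration.

```cpp
#include <cstddef>
#include <stdint.h>

// Hypothetical minimal prefix trie for illustration; not xorp's trie.hh.
struct Node {
    uint32_t addr;      // prefix bits, host byte order
    int      len;       // prefix length, 0..32
    Node    *child[2];  // children hold prefixes of length len + 1

    Node(uint32_t a, int l) : addr(a), len(l) { child[0] = child[1] = NULL; }

    bool contains(uint32_t a) const {
        uint32_t mask = len ? ~uint32_t(0) << (32 - len) : 0;
        return (a & mask) == addr;
    }

    // Longest-prefix match starting at this node. The first `r &&` test
    // looks like it protects against a null `this`, but calling a member
    // function through a null pointer is undefined, so GCC 6 and later
    // may drop that test and go straight to r->contains(a).
    const Node *find(uint32_t a) const {
        const Node *best = NULL;
        for (const Node *r = this; r && r->contains(a); ) {
            best = r;
            if (r->len == 32) break;
            r = r->child[(a >> (31 - r->len)) & 1];
        }
        return best;
    }
};

struct Trie {
    Node *root;  // NULL until the first prefix is inserted
    Trie() : root(NULL) {}

    // Caller-side guard: the null test happens before any member call,
    // so it does not depend on how the compiler treats `this`.
    const Node *lookup(uint32_t a) const {
        return root ? root->find(a) : NULL;
    }
};

int main() {
    Trie empty;  // constructed state: no prefixes yet, as during start-up
    return empty.lookup(0xC0000000u) == NULL ? 0 : 1;
}
```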

