https://bz.apache.org/bugzilla/show_bug.cgi?id=58194
Bug ID: 58194
Summary: Tomcat crash EXCEPTION_ACCESS_VIOLATION in tcnative-1.dll
Product: Tomcat Native
Version: 1.1.32
Hardware: PC
Status: NEW
Severity: major
Priority: P2
Component: Library
Assignee: dev@tomcat.apache.org
Reporter: olga.ving...@gmail.com

Created attachment 32947
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=32947&action=edit
dump file

Hi,

Recently, we encountered a Tomcat crash on EXCEPTION_ACCESS_VIOLATION in tcnative-1.dll. I attached the error log.

    # Problematic frame:
    # C  [tcnative-1.dll+0x11982]
    ...
    Stack: [0x0000000028400000,0x0000000028500000],  sp=0x00000000284fed50,  free space=1019k
    Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
    C  [tcnative-1.dll+0x11982]
    C  [tcnative-1.dll+0x11e7]
    C  0x0000000004ad4e0a

    Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
    J 18420  org.apache.tomcat.jni.Address.get(IJ)J (0 bytes) @ 0x0000000004ad4d84 [0x0000000004ad4d40+0x44]

According to the stack, it looks like the native implementation of Address.get() does not check if sock is null before passing it to apr_socket_addr_get, which will end up dereferencing the null pointer inside apr_socket_addr_get, leading to a crash.

    TCN_IMPLEMENT_CALL(jlong, Address, get)(TCN_STDARGS, jint which,
                                            jlong sock)
    {
        tcn_socket_t *s = J2P(sock, tcn_socket_t *);
        apr_sockaddr_t *sa = NULL;

        UNREFERENCED(o);
        TCN_THROW_IF_ERR(apr_socket_addr_get(&sa,
                         (apr_interface_e)which, s->sock), sa);
    cleanup:
        return P2J(sa);
    }

I don't know how the issue can be reproduced.
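The missing check the report describes, modelled stand-alone as an added example (not code from the report or from Tomcat Native). The `*_model_t` types, `model_addr_get` and `address_get_checked` are constructed stand-ins for the APR/tcnative types, `apr_socket_addr_get` and the JNI entry point.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-ins for the APR / tcnative types; not the real headers. */
typedef struct { int local_port; } sockaddr_model_t;
typedef struct { sockaddr_model_t addr; } apr_socket_model_t;
typedef struct { apr_socket_model_t *sock; } tcn_socket_model_t;
enum { MODEL_OK = 0, MODEL_EINVAL = 22 };

/* Models apr_socket_addr_get(): reads through 'sock' with no NULL check. */
static int model_addr_get(sockaddr_model_t **sa, apr_socket_model_t *sock)
{
    if (sock->addr.local_port == 0)
        return MODEL_EINVAL;
    *sa = &sock->addr;
    return MODEL_OK;
}

/* Hypothetical guarded entry point. 'handle' plays the role of the jlong
 * that Java passes to Address.get(). Instead of faulting, it returns 0 and
 * sets *err when the handle or the socket it wraps is NULL. */
static intptr_t address_get_checked(intptr_t handle, int *err)
{
    tcn_socket_model_t *s = (tcn_socket_model_t *)handle;
    sockaddr_model_t *sa = NULL;

    if (s == NULL || s->sock == NULL) {   /* validate before dereferencing */
        *err = MODEL_EINVAL;
        return 0;
    }
    *err = model_addr_get(&sa, s->sock);
    return (intptr_t)sa;
}

int main(void)
{
    apr_socket_model_t as = { { 8443 } };            /* constructed sample */
    tcn_socket_model_t live = { &as }, closed = { NULL };
    int err;

    address_get_checked(0, &err);
    printf("zero handle   -> err %d\n", err);
    address_get_checked((intptr_t)&closed, &err);
    printf("closed socket -> err %d\n", err);
    intptr_t sa = address_get_checked((intptr_t)&live, &err);
    printf("live socket   -> err %d, port %d\n", err, ((sockaddr_model_t *)sa)->local_port);
    return 0;
}
```

A NULL test only covers a zero handle or a cleared inner pointer; a stale non-zero handle to an already destroyed socket still passes it, so the Java caller also has to stop using a handle once the socket is closed.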