Michael J. Hartwick wrote: > I know that this post may not contain all of the required information, > this is just to get things going while I investigate further.
From gdb: > #0 0x40297d8f in memcpy () from /lib/libc.so.6 > #1 0x400289c1 in rad_attr2vp (packet=0x8177678, original=0x0, > secret=0x8169168 "secret", > attribute=90, length=0, data=0x817887c 'length' shouldn't be zero. The VP shouldn't be created if 'length' is zero. > I have had a problem with FreeRADIUS segfaulting intermittently for a > number of months which makes it hard to gather the required information. > The only thing that I found in all cases was the numerous, empty > Cisco-AVPair's in the packet. With it being a segfault I suspect > accessing a null pointer somewhere. Can you find out what equipment is generating this nonsense, and file a bug on bugs.freeradius.org with the make/model, etc? That way other people can avoid broken equipment. > I *think* that the problem might be the length=0 in the call to > rad_attr2vp(). If that is the case then something like: > > if (length = 0) return NULL; > > at line 1928 or so of radius.c might resolve the problem. Before I go > ahead and make that addition, am I on the right page or way off in left > field on this? You're right, but that change will cause the entire packet to be discarded. If you're Ok with that, fine. Otherwise, I've committed a patch to CVS head that should fix this. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
