--- Begin Message ---
i haven't reproduced it myself yet (though i'll try shortly) but we
got an automated crash report from tcpdump on Android via

the bug is a use-after-free, specifically when pcap_breakloop() tries
to write to the already-freed struct pcap_t. this happens if a signal
is received during tcpdump shutdown (which is presumably why we
haven't hit this more often on ASan/HWASan builds).

i assume the fix is to disable the signal handlers before calling
pcap_close() to free the struct pcap_t, but i thought i'd bring this
up on the list before i (a) look at reproducing this locally and (b)
send a patch...

--- End Message ---
tcpdump-workers mailing list
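
The teardown ordering proposed in the message above, shown as an added example; it is not part of the original post and is not tcpdump or libpcap code. Assumptions: struct fake_pcap and fake_breakloop() are constructed stand-ins for struct pcap_t and pcap_breakloop(), capture_open() and capture_close() are hypothetical names, and "disabling" the handlers is done here by setting SIGINT and SIGTERM to SIG_IGN.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for libpcap's struct pcap_t: only a break flag. */
struct fake_pcap { volatile sig_atomic_t break_loop; };

static struct fake_pcap *volatile g_pd;        /* handle the handler writes to */
static volatile sig_atomic_t g_handler_runs;   /* how often the handler fired */
static const int g_sigs[] = { SIGINT, SIGTERM };

/* Stand-in for pcap_breakloop(): a plain store into the handle. */
static void fake_breakloop(struct fake_pcap *p) { p->break_loop = 1; }

static void on_signal(int signo)
{
    (void)signo;
    g_handler_runs++;
    fake_breakloop(g_pd);   /* would be a use-after-free once g_pd is freed */
}

/* Point every signal in g_sigs at the given handler (or SIG_IGN). */
static int set_disposition(void (*handler)(int))
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = handler;
    sigemptyset(&sa.sa_mask);
    for (size_t i = 0; i < sizeof g_sigs / sizeof g_sigs[0]; i++)
        if (sigaction(g_sigs[i], &sa, NULL) != 0)
            return -1;
    return 0;
}

static int capture_open(void)
{
    g_pd = calloc(1, sizeof *g_pd);
    return g_pd ? set_disposition(on_signal) : -1;
}

/* Teardown order is the point: detach the handlers, then free the handle. */
static int capture_close(void)
{
    if (set_disposition(SIG_IGN) != 0)
        return -1;
    free(g_pd);
    g_pd = NULL;
    return 0;
}
```

Reversing the two steps in capture_close() reopens the window the message describes: a signal delivered between the free and the handler reset would write through the stale pointer.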
