The Samba-Bugzilla – Attachment 17440 Details for
Bug 15128
possible use after free of connection_struct when iterating smbd_server_connection->connections
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
valgrind output
valgrind1 (text/plain), 3.76 KB, created by
Noel Power
on 2022-07-23 12:08:32 UTC
(
hide
)
Description:
valgrind output
Filename:
MIME Type:
Creator:
Noel Power
Created:
2022-07-23 12:08:32 UTC
Size:
3.76 KB
patch
obsolete
>==10378== For lists of detected and suppressed errors, rerun with: -s >==10378== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0) >==10337== Invalid read of size 8 >==10337== at 0x51319F7: conn_lastused_update (conn_idle.c:38) >==10337== by 0x5131A6E: conn_idle_all (conn_idle.c:54) >==10337== by 0x51D685E: deadtime_fn (process.c:2926) >==10337== by 0x69C5D39: smbd_idle_event_handler (util_event.c:45) >==10337== by 0x6355AB0: tevent_common_invoke_timer_handler (tevent_timed.c:376) >==10337== by 0x6355CCF: tevent_common_loop_timer_delay (tevent_timed.c:453) >==10337== by 0x63577A8: epoll_event_loop (tevent_epoll.c:667) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x116F10: smbd_parent_loop (server.c:1366) >==10337== by 0x1191E3: main (server.c:2186) >==10337== Address 0x1aa3c658 is 232 bytes inside a block of size 328 free'd >==10337== at 0x4C3451B: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) >==10337== by 0x5CFFF51: _tc_free_internal (talloc.c:1222) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5CFFFF5: _talloc_free_internal (talloc.c:1248) >==10337== by 0x5D012BD: _talloc_free (talloc.c:1792) >==10337== by 0x51FA5E3: smbd_smb2_flush_send_queue (smb2_server.c:4815) >==10337== by 0x51F7626: smbd_smb2_request_reply (smb2_server.c:3828) >==10337== by 0x51F7E61: smbd_smb2_request_done_ex (smb2_server.c:3982) >==10337== by 0x52011F9: smbd_smb2_request_logoff_done (smb2_sesssetup.c:1281) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634ECB8: _tevent_req_done (tevent_req.c:199) >==10337== by 0x52014DB: smbd_smb2_logoff_shutdown_done (smb2_sesssetup.c:1364) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634EDB8: tevent_req_trigger (tevent_req.c:250) >==10337== by 0x634D9D7: tevent_common_invoke_immediate_handler (tevent_immediate.c:190) >==10337== by 0x634DB26: tevent_common_loop_immediate (tevent_immediate.c:236) >==10337== by 0x6357F88: epoll_event_loop_once (tevent_epoll.c:918) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=17440">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 15128
:
17440
|
17441
|
17442
|
17443
|
17444
|
17457
|
17458
|
17459
|
17478
|
17479
|
17481
|
17482
|
17483