[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gpsd-commit-watch] [SCM] GPSD branch, master, updated. release-3.15-71-
|
From: |
Eric S. Raymond |
|
Subject: |
[gpsd-commit-watch] [SCM] GPSD branch, master, updated. release-3.15-71-g9707919 |
|
Date: |
Mon, 04 Jan 2016 20:54:03 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GPSD".
The branch, master has been updated
via 97079198f48fc91302e2e247c223cd7804abd6ee (commit)
via 5d5b916de1e9b7c8d337f7b3f4dedb41692200ee (commit)
via 60e4dd23ac249c9b23dfe4a3f10f9bd1c2a873fb (commit)
from 3b66e6cb486b157aad6a65b22caae65e10b8b4e5 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 97079198f48fc91302e2e247c223cd7804abd6ee
Author: Fred Wright <address@hidden>
Date: Mon Jan 4 15:53:19 2016 -0500
Address bug #46495: gpsd_poll may crash due to unitialized pointer.
commit 5d5b916de1e9b7c8d337f7b3f4dedb41692200ee
Author: Sanjeev Gupta <address@hidden>
Date: Mon Jan 4 15:49:58 2016 -0500
Improve Debian build instructions.
commit 60e4dd23ac249c9b23dfe4a3f10f9bd1c2a873fb
Author: Eric S. Raymond <address@hidden>
Date: Mon Jan 4 15:23:46 2016 -0500
Address Savannah bug #46648: gpsd crashes and buffer overflow is reported...
...when terminated.
Perttu Salmela writes:
gpsd is started and terminated:
gpsd:INFO: launching (Version 3.15~dev)
gpsd:INFO: listening on port gpsd
gpsd:PROG: NTP: shmat(0,0,0) succeeded, segment 0
gpsd:PROG: NTP: shmat(32769,0,0) succeeded, segment 1
gpsd:PROG: NTP: shmat(65538,0,0) succeeded, segment 2
gpsd:PROG: NTP: shmat(98307,0,0) succeeded, segment 3
gpsd:PROG: NTP: shmat(131076,0,0) succeeded, segment 4
gpsd:PROG: NTP: shmat(163845,0,0) succeeded, segment 5
gpsd:PROG: NTP: shmat(196614,0,0) succeeded, segment 6
gpsd:PROG: NTP: shmat(229383,0,0) succeeded, segment 7
gpsd:PROG: successfully connected to the DBUS system bus
gpsd:PROG: shmget(0x47505344, 8928, 0666) for SHM export succeeded
gpsd:PROG: shmat() for SHM export succeeded, segment 262152
gpsd:INFO: stashing device /dev/ttymxc2 at slot 0
gpsd:INFO: running with effective group ID 0
gpsd:INFO: running with effective user ID 0
gpsd:INFO: startup at 2015-10-31T11:04:55.000Z (1446289495)
^C*** buffer overflow detected ***: ./gpsd terminated
Aborted (core dumped)
This does not happen when gpsd is started with '-n' no-wait option. If
started with '-n' device is opened fine and gpsd is terminated fine.
The problem seems to be that function gpsd.c:gps_add_device sets
devp->gpsdata.gps_fd = UNALLOCATED_FD (=-1) if no-wait ('-n') flag is
not set. Next, in the main function around line 2166:
case AWAIT_NOT_READY:
for (device = devices; device < devices + MAX_DEVICES; device++)
if (allocated_device(device) && FD_ISSET(device->gpsdata.gps_fd,
&efds)) {
FD_ISSET macro is called with invalid FD (-1). Adding the FD validity
check before FD_ISSET fixes the crash:
if (allocated_device(device) &&
(0 <= device->gpsdata.gps_fd && device->gpsdata.gps_fd < FD_SETSIZE) &&
FD_ISSET(device->gpsdata.gps_fd, &efds)) {
It is still a bit unclear for me should free_device(device) be called
even if FD is invalid.
The issue occurs on embedded arm platform and may depend on
implementation of FD_ISSET macro. The man page says "POSIX requires fd
to be a valid file descriptor". I can see that FD_ISSET is called in
couple of places elsewhere and FD validity is checked there.
The issue does not happen if client is connected. E.g. if gpspipe is
run and thereafter gpsd is terminated. This is expected since in such
case the FD must be valid as gpsd connects to device.
Output with proposed fix is:
gpsd:INFO: launching (Version 3.15~dev)
gpsd:INFO: listening on port gpsd
gpsd:PROG: NTP: shmat(0,0,0) succeeded, segment 0
gpsd:PROG: NTP: shmat(32769,0,0) succeeded, segment 1
gpsd:PROG: NTP: shmat(65538,0,0) succeeded, segment 2
gpsd:PROG: NTP: shmat(98307,0,0) succeeded, segment 3
gpsd:PROG: NTP: shmat(131076,0,0) succeeded, segment 4
gpsd:PROG: NTP: shmat(163845,0,0) succeeded, segment 5
gpsd:PROG: NTP: shmat(196614,0,0) succeeded, segment 6
gpsd:PROG: NTP: shmat(229383,0,0) succeeded, segment 7
gpsd:PROG: successfully connected to the DBUS system bus
gpsd:PROG: shmget(0x47505344, 8928, 0666) for SHM export succeeded
gpsd:PROG: shmat() for SHM export succeeded, segment 262152
gpsd:INFO: stashing device /dev/ttymxc2 at slot 0
gpsd:INFO: running with effective group ID 0
gpsd:INFO: running with effective user ID 0
gpsd:INFO: startup at 2015-10-31T11:31:19.000Z (1446291079)
^Cgpsd:WARN: received terminating signal 2.
gpsd:WARN: exiting.
-----------------------------------------------------------------------
Summary of changes:
build.txt | 4 +++-
gpsd.c | 9 ++++++++-
libgpsd_core.c | 3 +++
3 files changed, 14 insertions(+), 2 deletions(-)
hooks/post-receive
--
GPSD
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [gpsd-commit-watch] [SCM] GPSD branch, master, updated. release-3.15-71-g9707919,
Eric S. Raymond <=