Re: [exim] Exim 4.84 - segfault

Author: Viktor Dukhovni
Date:  
To: exim-users
Subject: Re: [exim] Exim 4.84 - segfault
On Fri, Aug 29, 2014 at 03:42:34PM +0100, John Horne wrote:

> I now get a different segfault:
>
> =============================
> Aug 29 15:35:04 tracy kernel: exim[28249]: segfault at 343665736162 ip
> 00007faf521266a9 sp 00007fff38f65330 error 4 in exim[7faf52098000
> +114000]
> =============================


This is some sort of buffer overflow or other memory corruption,
the address in question looks like data:

    $ echo 343665736162 | perl -pe 's/(..)/chr(hex($1))/eg'
    46esab


which is "base64" backwards (Intel is a little-endian platform).
The data of the string "base64" should not be treated as a memory
address.

Perhaps the previously uninitialized pointer is later freed, but
the now initialized address in question was not allocated with
malloc(). In which case, the initialization should malloc a copy
of the empty string. The above is a wild guess, the folks maintaining
the code will know better.

-- 
    Viktor.
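The decoding step above, as an added example that is not part of the thread: a small Python parser for the kernel's `segfault at ...` line that re-reads the faulting address as the little-endian bytes it occupies in memory (the same trick as the Perl one-liner, without reversing by hand) and checks whether the instruction pointer falls inside the mapped object. The sample line is the one quoted in the thread, reassembled onto one line; the error-code decoding uses the x86 page-fault bits (P, W/R, U/S).

```python
import re

# The log line from the thread, joined onto one line for parsing.
SAMPLE_LOG = (
    "Aug 29 15:35:04 tracy kernel: exim[28249]: segfault at 343665736162 ip "
    "00007faf521266a9 sp 00007fff38f65330 error 4 in exim[7faf52098000+114000]"
)

SEGFAULT_RE = re.compile(
    r"(?P<prog>\S+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip (?P<ip>[0-9a-f]+) sp (?P<sp>[0-9a-f]+) error (?P<err>\d+) "
    r"in (?P<obj>[^\[]+)\[(?P<base>[0-9a-f]+)\+(?P<size>[0-9a-f]+)\]"
)


def addr_as_le_bytes(addr, width=8):
    """Bytes the address would occupy in little-endian memory, trailing NULs stripped."""
    return addr.to_bytes(width, "little").rstrip(b"\x00")


def looks_like_text(raw):
    """Heuristic: at least four bytes, all printable ASCII."""
    return len(raw) >= 4 and all(0x20 <= b < 0x7F for b in raw)


def decode_error(err):
    """x86 page-fault error code: bit0 = protection (else not-present),
    bit1 = write (else read), bit2 = user mode (else kernel)."""
    return {
        "present": bool(err & 1),
        "write": bool(err & 2),
        "user": bool(err & 4),
    }


def diagnose(line):
    """Parse one kernel segfault line; report whether the fault address reads as data."""
    m = SEGFAULT_RE.search(line)
    if not m:
        return None
    d = m.groupdict()
    addr, ip = int(d["addr"], 16), int(d["ip"], 16)
    base, size = int(d["base"], 16), int(d["size"], 16)
    raw = addr_as_le_bytes(addr)
    return {
        "prog": d["prog"], "pid": int(d["pid"]), "addr": addr,
        "le_bytes": raw,
        # Printable bytes in the fault address suggest string data used as a pointer.
        "text": raw.decode("ascii") if looks_like_text(raw) else None,
        "error": decode_error(int(d["err"])),
        # Faulting instruction inside the program's own mapping, not a library.
        "ip_in_obj": base <= ip < base + size,
    }
```

On the sample line this yields `text == "base64"` with a user-mode read of an unmapped page, which is the thread's diagnosis: string bytes were dereferenced as an address.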