Bug 778 - unbound 1.5.9: -h segfault (null deref)
unbound 1.5.9: -h segfault (null deref)
Product: unbound
Classification: Unclassified
Component: server
x86_64 OpenBSD
: P5 normal
Assigned To: unbound team
Depends on:
  Show dependency treegraph
Reported: 2016-06-11 22:23 CEST by stu-nlnetlabs
Modified: 2016-06-13 09:10 CEST (History)
2 users (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description stu-nlnetlabs 2016-06-11 22:23:32 CEST
usage() tries to print information about the even library, but it calls ub_get_event_sys() with NULL as the first argument, resulting in a null deref in ub_libevent_get_event_base().

(gdb) set args -h
(gdb) r
Starting program: /usr/obj/usr.sbin/unbound/unbound -h
usage:  unbound [options]
	start unbound daemon DNS resolver.
-h	this help
-c file	config file to read instead of /var/unbound/etc/unbound.conf
	file format is described in unbound.conf(5).
-d	do not fork into the background.
-v	verbose (more times to increase verbosity)
Version 1.5.9

Program received signal SIGSEGV, Segmentation fault.
0x0000179152f2d46a in ub_libevent_get_event_base (base=0x0)
    at /usr/src/usr.sbin/unbound/util/ub_event_pluggable.c:415
415		if (base->vmt == &default_event_base_vmt)
(gdb) p base
$1 = (struct ub_event_base *) 0x0
(gdb) bt
#0  0x0000179152f2d46a in ub_libevent_get_event_base (base=0x0)
    at /usr/src/usr.sbin/unbound/util/ub_event_pluggable.c:415
#1  0x0000179152f2d4b7 in ub_get_event_sys (ub_base=0x0, n=0x7f7ffffe3db8, 
    s=0x7f7ffffe3db0, m=0x7f7ffffe3da8)
    at /usr/src/usr.sbin/unbound/util/ub_event_pluggable.c:453
#2  0x0000179152f17714 in usage ()
    at /usr/src/usr.sbin/unbound/daemon/unbound.c:113
#3  0x0000179152f18b7a in main (argc=2, argv=0x7f7ffffe3e98)
    at /usr/src/usr.sbin/unbound/daemon/unbound.c:692
(gdb) frame 2
#2  0x0000179152f17714 in usage ()
    at /usr/src/usr.sbin/unbound/daemon/unbound.c:113
113		ub_get_event_sys(NULL, &evnm, &evsys, &evmethod);
(gdb) list
108		printf("-w opt	windows option: \n");
109		printf("   	install, remove - manage the services entry\n");
110		printf("   	service - used to start from services control panel\n");
111	#endif
112		printf("Version %s\n", PACKAGE_VERSION);
113		ub_get_event_sys(NULL, &evnm, &evsys, &evmethod);
114		printf("linked libs: %s %s (it uses %s), %s\n", 
115			evnm, evsys, evmethod,
116	#ifdef HAVE_SSL
117			SSLeay_version(SSLEAY_VERSION)
Comment 1 Wouter Wijngaards 2016-06-13 09:10:00 CEST
Hi stu,

Thanks for the heads up.  This only affected -h by the way.  Should be fixed now.

Best regards, Wouter