tftpDriver bug in 4.10.2
gedare at rtems.org
Tue Jul 21 15:53:24 UTC 2015
Yes, please open a ticket in our Trac and set the version to 4.10 and
milestone to 4.10.3
On Mon, Jul 20, 2015 at 5:31 PM, Michael Davidsaver <mdavidsaver at bnl.gov> wrote:
> It seems I've re-discovered this issue reported by Angus Gratton in 2010.
> I can confirm Angus' diagnosis. In rtems_tftp_eval_path(),
> 'pathloc->node_access' defaults to
> 'rtems_current_user_env->current_directory'. In some cases
> '->node_access' is replaced with a newly allocated string, in the others
> it is not. Unfortunately rtems_tftp_free_node_info() happily free()s
> unless cwd=='/'.
> I chased this down with GDB and confirmed that, in my case, when
> cwd=='/epics/BOOTP_HOST/epics/myhost' the current directory string is
> free'd when open() fails to open a file, which results in:
>> Program heap: free of bad pointer 358CE4 -- range 2A1C10 - 7EE0000
> when the following open() does the same.
> Looking through the VCS history I think this issue was fixed in 2012 as
> a consequence of*. I haven't confirmed this since EPICS doesn't build
> against the VCS master branch.
> I have confirmed that it isn't fixed on the 4.10 branch.
> If this bug were to be fixed on the 4.10 branch, is there any chance of
> getting it included in a 4.10.3 release in the near future?
> * 3b7c123c8d910eb60ab3b38dec6224e2de9847c9
> users mailing list
> users at rtems.org
More information about the users