Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
``` ==58960==ERROR: AddressSanitizer: heap-use-after-free on address 0x6040000707a8 at pc 0x55c24bbcd023 bp 0x7ffdb042d050 sp 0x7ffdb042d040 READ of size 8 at 0x6040000707a8 thread T0 #0 0x55c24bbcd022 in aspath_key_make bgpd/bgp_aspath.c:2070 #1 0x55c24b8f1140 in attrhash_key_make bgpd/bgp_attr.c:777 #2 0x7f52322e66c9 in hash_release lib/hash.c:220 #3 0x55c24b8f6017 in bgp_attr_unintern bgpd/bgp_attr.c:1271 #4 0x55c24ba0acaa in bgp_path_info_free_with_caller bgpd/bgp_route.c:283 #5 0x55c24ba0a7de in bgp_path_info_unlock bgpd/bgp_route.c:309 #6 0x55c24ba0af6d in bgp_path_info_reap bgpd/bgp_route.c:426 #7 0x55c24ba17b9a in bgp_process_main_one bgpd/bgp_route.c:3333 #8 0x55c24ba18a1d in bgp_process_wq bgpd/bgp_route.c:3425 #9 0x7f52323c2cd5 in work_queue_run lib/workqueue.c:282 #10 0x7f52323aab92 in thread_call lib/thread.c:2006 #11 0x7f5232300dc7 in frr_run lib/libfrr.c:1198 #12 0x55c24b8ea792 in main bgpd/bgp_main.c:520 #13 0x7f5231c3a082 in __libc_start_main ../csu/libc-start.c:308 #14 0x55c24b8ef0bd in _start (/usr/lib/frr/bgpd+0x2c90bd) 0x6040000707a8 is located 24 bytes inside of 40-byte region [0x604000070790,0x6040000707b8) freed by thread T0 here: #0 0x7f52326e740f in __interceptor_free ../../../../src/libsanitizer/asan/asan_malloc_linux.cc:122 #1 0x55c24bbcc36f in aspath_unintern bgpd/bgp_aspath.c:345 #2 0x55c24b8f56f2 in bgp_attr_unintern_sub bgpd/bgp_attr.c:1204 #3 0x55c24b8f6049 in bgp_attr_unintern bgpd/bgp_attr.c:1277 #4 0x55c24bbc9c1a in bgp_adj_in_remove bgpd/bgp_advertise.c:208 #5 0x55c24ba0b0d4 in bgp_clear_route_table bgpd/bgp_route.c:5553 #6 0x55c24ba1ba57 in bgp_clear_route bgpd/bgp_route.c:5612 #7 0x55c24ba1bedf in bgp_clear_route_all bgpd/bgp_route.c:5634 #8 0x55c24b99c762 in bgp_fsm_change_status bgpd/bgp_fsm.c:1288 #9 0x55c24b9a163d in bgp_event_update bgpd/bgp_fsm.c:2639 #10 0x55c24b9a176b in bgp_event bgpd/bgp_fsm.c:2591 #11 0x7f52323aab92 in thread_call lib/thread.c:2006 #12 0x7f5232300dc7 in frr_run lib/libfrr.c:1198 #13 0x55c24b8ea792 in main bgpd/bgp_main.c:520 #14 0x7f5231c3a082 in __libc_start_main ../csu/libc-start.c:308 previously allocated by thread T0 here: #0 0x7f52326e7808 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cc:144 #1 0x7f523231e209 in qmalloc lib/memory.c:111 #2 0x55c24bbcb889 in aspath_hash_alloc bgpd/bgp_aspath.c:728 #3 0x7f52322e5f07 in hash_get lib/hash.c:162 #4 0x55c24bbcd63b in aspath_parse bgpd/bgp_aspath.c:862 #5 0x55c24b8fd48c in bgp_attr_aspath bgpd/bgp_attr.c:1613 #6 0x55c24b8fd48c in bgp_attr_parse bgpd/bgp_attr.c:3656 #7 0x55c24b9e2f22 in bgp_update_receive bgpd/bgp_packet.c:1952 #8 0x55c24b9e9a3f in bgp_process_packet bgpd/bgp_packet.c:2940 #9 0x7f52323aab92 in thread_call lib/thread.c:2006 #10 0x7f5232300dc7 in frr_run lib/libfrr.c:1198 #11 0x55c24b8ea792 in main bgpd/bgp_main.c:520 #12 0x7f5231c3a082 in __libc_start_main ../csu/libc-start.c:308 ``` Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
- Loading branch information