Package: ser2net
Version: 2.9.1-1

Hello,

* Package :
ser2net 2.9.1 (installed from apt)


* Environment :
$ uname -a
Linux xxx 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt20-1+deb8u1 (2015-12-14) x86_64 GNU/Linux

$ dpkg -l|grep ser2net
ii  ser2net                        2.9.1-1                      amd64  Serial port to network proxy

$ dpkg -l|grep libc6
ii  libc6                            2.19-18+deb8u1               amd64  GNU C Library: Shared libraries

$ cat /etc/ser2net.conf
BANNER:banner:\r\nser2net port \p device \d [\s] (Debian GNU/Linux)\r\n\r\n
13413:telnet:0:/dev/ttyS5:115200 8DATABITS NONE 1STOPBIT LOCAL banner


* Bug description :
While echoing a binary string containing '0xff' multiple times, the ser2net
service crashes with the following syslog message :
Jan 19 08:32:45 xxx kernel: [516850.626115] ser2net[29002]: segfault at ff ip 00000000004027d0 sp 00007ffd11ec0468 error 4 in ser2net[400000+11000]
The ser2net service is then down.
The address 0x4027d0 corresponds to the function call:
write_ignore_fail(cntlr->tcpfd, data, count);
in file controller.c:
void
controller_write(struct controller_info *cntlr, const char *data, int count)
{
    write_ignore_fail(cntlr->tcpfd, data, count);
}


* How to reproduce :

The following command establishes a serial connection to a remote system:
$ telnet localhost 13413
~ #  echo -e
"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x
ff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x
ff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x
ff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x
ff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x
ff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
�������������������������������������������������������������Connection
closed by foreign host.

This command performed with the picocom utility works without any problem.
The same behaviour was also seen with the latest ser2net version (2.10)
recompiled from sources.

Best regards

-- 
Philippe
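
A triage aid for the kernel log line quoted in the report above, added here as an example and not part of the original message or of ser2net: it parses a "segfault at" line, decodes the x86 page-fault error code, and computes the offset of the faulting instruction inside the mapped object. The function name and result keys are assumptions; the sample line is the report's syslog entry with its line wrap rejoined.

```python
import re

# Constructed sample: the syslog line from the report, with the wrap rejoined.
SAMPLE = ("Jan 19 08:32:45 xxx kernel: [516850.626115] ser2net[29002]: "
          "segfault at ff ip 00000000004027d0 sp 00007ffd11ec0468 "
          "error 4 in ser2net[400000+11000]")

SEGV_RE = re.compile(
    r"(?P<comm>[^\s\[]+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip (?P<ip>[0-9a-f]+) sp (?P<sp>[0-9a-f]+) error (?P<err>[0-9a-f]+)"
    r"(?: in (?P<obj>[^\s\[]+)\[(?P<base>[0-9a-f]+)\+(?P<size>[0-9a-f]+)\])?")

# x86 page-fault error code: (bit mask, meaning if set, meaning if clear)
ERR_BITS = [(0x1, "protection violation", "page not present"),
            (0x2, "write", "read"),
            (0x4, "user mode", "kernel mode")]


def parse_segfault(line):
    """Parse one kernel 'segfault at' line; return a dict, or None if no match."""
    m = SEGV_RE.search(line)
    if m is None:
        return None
    addr, ip, err = (int(m[k], 16) for k in ("addr", "ip", "err"))
    result = {
        "comm": m["comm"], "pid": int(m["pid"]),
        "fault_addr": addr, "ip": ip, "sp": int(m["sp"], 16), "error": err,
        "access": [on if err & bit else off for bit, on, off in ERR_BITS],
        # A fault address inside the first page usually means a NULL or
        # small-integer value was dereferenced as a pointer.
        "near_null": addr < 0x1000,
        "object": m["obj"], "offset": None,
    }
    if m["obj"] is not None:
        base, size = int(m["base"], 16), int(m["size"], 16)
        # Offset of the faulting instruction inside the mapping. A symbolizer
        # needs this for a position-independent object; a fixed-address
        # executable is looked up by the absolute ip instead.
        if base <= ip < base + size:
            result["offset"] = ip - base
    return result


if __name__ == "__main__":
    r = parse_segfault(SAMPLE)
    print(f"{r['comm']}[{r['pid']}] {', '.join(r['access'])} at "
          f"{r['fault_addr']:#x}, ip {r['ip']:#x} = {r['object']}+{r['offset']:#x}")
```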
