--------------------- PatchSet 6186 Date: 2007/11/27 07:25:50 Author: amosjeffries Branch: squid3-ipv6 Tag: (none) Log: Add protection for squid against broken connect() in Debian Linux. Debian at least, is known to corrupt the addrinfo pointers passed to it when it fails. In linux builds, check for an error condition and drop the addrinfo pointer before attempting to free the memory. Members: src/comm.cc:1.47.2.54->1.47.2.55 Index: squid3/src/comm.cc =================================================================== RCS file: /cvsroot/squid-sf//squid3/src/comm.cc,v retrieving revision 1.47.2.54 retrieving revision 1.47.2.55 diff -u -r1.47.2.54 -r1.47.2.55 --- squid3/src/comm.cc 1 Nov 2007 10:39:57 -0000 1.47.2.54 +++ squid3/src/comm.cc 27 Nov 2007 07:25:50 -0000 1.47.2.55 @@ -1,5 +1,6 @@ + /* - * $Id: comm.cc,v 1.47.2.54 2007/11/01 10:39:57 amosjeffries Exp $ + * $Id: comm.cc,v 1.47.2.55 2007/11/27 07:25:50 amosjeffries Exp $ * * DEBUG: section 5 Socket Functions * AUTHOR: Harvest Derived @@ -599,10 +600,9 @@ /* prevent those nasty RST packets */ char buf[SQUID_TCP_SO_RCVBUF]; - if (fd_table[fd].flags.nonblocking == 1) - while (FD_READ_METHOD(fd, buf, SQUID_TCP_SO_RCVBUF) > 0) - - ; + if (fd_table[fd].flags.nonblocking == 1) { + while (FD_READ_METHOD(fd, buf, SQUID_TCP_SO_RCVBUF) > 0) {}; + } #endif } @@ -1306,7 +1306,7 @@ { comm_err_t status = COMM_OK; fde *F = &fd_table[sock]; - int x; + int x = 0; int err = 0; socklen_t errlen; struct addrinfo *AI = NULL; @@ -1379,6 +1379,19 @@ #endif } + +#ifdef _SQUID_LINUX_ + /* 2007-11-27: + * Linux Debian replaces our allocated AI pointer with garbage when + * connect() fails. This leads to segmentation faults deallocating + * the system-allocated memory when we go to clean up our pointer. + * HACK: is to leak the memory returned since we can't deallocate. + */ + if(errno != 0) { + AI = NULL; + } +#endif + address.FreeAddrInfo(AI); PROF_stop(comm_connect_addr);