Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 3 Feb 2019 19:02:38 +0100
From: Patrick Steinhardt <>
Cc: Rich Felker <>
Subject: freeaddrinfo(NULL) segfaults in v1.1.21


previous to v1.1.21 it was fine to call `freeaddrinfo(NULL)`, as
the implementation simply called `free(NULL)` in that case. Since
commit d1395c43 (allow freeaddrinfo of arbitrary sublists of
addrinfo list, 2018-10-04), this is no longer the case, as musl
now tries always de-references the passed pointer to free
potential sublists.

As long as I didn't miss it, freeaddrinfo(3P) doesn't explicitly
say whether it needs to be called with a valid pointer, and sure
enough there's applications out there which aren't careful here.
One example I found is e.g. nfs-utils, where I hit segfaults in
different places after upgrading to musl v1.1.21.

So was this change in behavior intended or is it an unwanted
side-effect of the commit in question?


Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.