We are using tcsd in our initrd image so we can use the TPM during the initrd step for mutual TLS authentication. The tcsd process would crash after the TLS handshake completed. The basic segfault message was " error 4 in libc-2.17.so" and with some more debug messages enabled we would see the message "munmap_chunk() invalid pointer".
We traced it down to the shutdown phase of tcsd_thread_run where it frees data->hostname. In our case the call to fetch_hostname main fails, and the default code assigns a fixed string of "<invalid client address>" and the free logic only checks that hostname is not null before calling free.
We fixed our copy to just not set hostname to "<invalid client address>". Then hostname stays NULL and no bad pointer is freed.
The following patch fixed our case, working on top of trousers-0.3.14.tar.gz:
diff -r trousers-orig/src/tcsd/svrside.c trousers/src/tcsd/svrside.c
56d55
<
559,560c558,562
< if (hostname == NULL)
< hostname=INVALID_ADDR_STR;
/* SKH */ /* Avoid a potential free of the constant INVALID_ADDR_STRING on thread close */ /* This was causing a crash within the initramfs phase of our boot process */ /*if (hostname == NULL) hostname=INVALID_ADDR_STR;*/
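Review bot: with the assignment at 559,560 commented out, hostname can remain NULL for every statement that runs after this point, and the report only establishes that the free on thread close checks for NULL; any use in between that formats or compares hostname needs its own NULL guard. If the placeholder text is still wanted for those uses, assigning a heap copy of INVALID_ADDR_STR instead would keep the existing free valid. The new comment also refers to INVALID_ADDR_STRING while the removed line uses INVALID_ADDR_STR, and the disabled code and the /* SKH */ tag would be better deleted outright, with the rationale moved to the commit message.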
Sorry, it has been a long time since I created a patch file outside of git. I've attached a proper patch file.
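The ownership rule behind this crash, as an added example that is not part of the original post or the trousers source: a pointer that teardown passes to free() must be NULL or heap-allocated, so a fallback value has to be a heap copy rather than a string constant. The names conn_data, dup_str, lookup_hostname, conn_set_hostname and conn_release are hypothetical, and the placeholder text is an assumption.

```c
#include <stdlib.h>
#include <string.h>

/* Macro name is from the post; the placeholder text is an assumption. */
#define INVALID_ADDR_STR "<invalid client address>"
static const char invalid_addr[] = INVALID_ADDR_STR;  /* static storage, never free()d */

/* Hypothetical per-thread record. Invariant: hostname is NULL or heap-allocated. */
struct conn_data { char *hostname; };

static char *dup_str(const char *s)
{
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    return p != NULL ? memcpy(p, s, n) : NULL;
}

/* Hypothetical stand-in for the lookup that failed in the report. */
static char *lookup_hostname(const char *addr)
{
    return addr != NULL ? dup_str(addr) : NULL;
}

/* Pattern from the report, for contrast only: hostname = INVALID_ADDR_STR;
 * followed later by free(data->hostname), which frees static storage. */

/* The fallback is a heap copy, so the later free() is always legal. */
int conn_set_hostname(struct conn_data *d, const char *addr)
{
    d->hostname = lookup_hostname(addr);
    if (d->hostname == NULL)
        d->hostname = dup_str(invalid_addr);
    return d->hostname != NULL ? 0 : -1;  /* -1: allocation failed, field stays NULL */
}

/* free(NULL) is a no-op; clearing the field prevents a double free. */
void conn_release(struct conn_data *d)
{
    free(d->hostname);
    d->hostname = NULL;
}

int main(void)
{
    struct conn_data d = { NULL };
    int rc = conn_set_hostname(&d, NULL);  /* lookup fails, placeholder copy is used */
    conn_release(&d);
    return rc == 0 ? 0 : 1;
}
```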