Why would a normal call to if_freenameindex double free if_nameindex?

I am learning socket programming under Linux, so I made a sample program to list all the network interfaces. Here is the code:

/* print the name of interface */
#include <sys/socket.h>
#include <net/if.h>
#include <stdio.h>

int
main(void)
{
 struct if_nameindex *pif;

 pif = if_nameindex();
 while (pif->if_index) {
  printf("name: %s \t index: %d\n", pif->if_name, pif->if_index);
  pif++;
 }

 if_freenameindex(pif);

 printf("after the first if_freenameindex call\n");

 return 0;
}

Run it and it returns:

name: lo   index: 1
name: eth0   index: 2
name: eth1   index: 3
name: eth2   index: 4
*** glibc detected *** ./if: double free or corruption (out): 0x0983b420 ***
======= Backtrace: =========
/lib/i686/cmov/libc.so.6[0xb7edb624]
/lib/i686/cmov/libc.so.6(cfree+0x96)[0xb7edd826]
/lib/i686/cmov/libc.so.6(if_freenameindex+0x40)[0xb7f6f9e0]
./if[0x80484b6]
/lib/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb7e83455]
./if[0x80483d1]
======= Memory map: ========
08048000-08049000 r-xp 00000000 03:01 51169      /home/jcyang/src/net/gnu/if
08049000-0804a000 rw-p 00000000 03:01 51169      /home/jcyang/src/net/gnu/if
0983b000-0985c000 rw-p 0983b000 00:00 0          [heap]
b7d00000-b7d21000 rw-p b7d00000 00:00 0 
b7d21000-b7e00000 ---p b7d21000 00:00 0 
b7e54000-b7e60000 r-xp 00000000 03:01 73587      /lib/libgcc_s.so.1
b7e60000-b7e61000 rw-p 0000b000 03:01 73587      /lib/libgcc_s.so.1
b7e6c000-b7e6d000 rw-p b7e6c000 00:00 0 
b7e6d000-b7fc2000 r-xp 00000000 03:01 82774      /lib/i686/cmov/libc-2.7.so
b7fc2000-b7fc3000 r--p 00155000 03:01 82774      /lib/i686/cmov/libc-2.7.so
b7fc3000-b7fc5000 rw-p 00156000 03:01 82774      /lib/i686/cmov/libc-2.7.so
b7fc5000-b7fc9000 rw-p b7fc5000 00:00 0 
b7fd3000-b7fd5000 rw-p b7fd3000 00:00 0 
b7fd5000-b7fd6000 r-xp b7fd5000 00:00 0          [vdso]
b7fd6000-b7ff0000 r-xp 00000000 03:01 73586      /lib/ld-2.7.so
b7ff0000-b7ff2000 rw-p 0001a000 03:01 73586      /lib/ld-2.7.so
bffdc000-bfff1000 rw-p bffeb000 00:00 0          [stack]
Aborted

According to the GNU C Library Reference Manual, we should use if_freenameindex to free the earlier returned if_nameindex. So what's wrong?

Thanks.


You should call if_freenameindex() on the first pif, not the final one. For example:

struct if_nameindex *pif;
struct if_nameindex *head;
head = pif = if_nameindex();   /* keep the pointer returned by if_nameindex() */
while (pif->if_index) {
   printf("name: %s \t index: %d\n", pif->if_name, pif->if_index);
   pif++;
}

if_freenameindex(head);        /* free the original pointer, not the advanced one */
....
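
An added example, not part of the original question or answer: the loop in the question leaves pif pointing at the terminating entry, an address inside the allocation rather than the one if_nameindex() returned, which is why glibc aborts in free(). The version below advances a local const cursor so the head pointer cannot be lost, and checks for a NULL return. The helper names walk_nameindex and list_interfaces and the sample array are assumptions made for illustration.

```c
/* Added example: iterate the if_nameindex() array without losing the
 * pointer that must be handed back to if_freenameindex(). */
#include <net/if.h>
#include <stdio.h>

/* Walk an array terminated by an entry with if_index == 0.
 * The head is taken as a const pointer and only a local cursor is
 * advanced, so the caller's pointer still refers to the start of the
 * allocation afterwards. Returns the number of entries seen. */
static size_t walk_nameindex(const struct if_nameindex *head, FILE *out)
{
    size_t n = 0;
    for (const struct if_nameindex *cur = head; cur->if_index != 0; cur++) {
        if (out)
            fprintf(out, "name: %s \t index: %u\n", cur->if_name, cur->if_index);
        n++;
    }
    return n;
}

/* Returns the interface count, or -1 if if_nameindex() failed. */
static long list_interfaces(FILE *out)
{
    struct if_nameindex *head = if_nameindex();
    if (head == NULL) {          /* allocation or socket failure */
        perror("if_nameindex");
        return -1;
    }
    long n = (long)walk_nameindex(head, out);
    if_freenameindex(head);      /* same address if_nameindex() returned */
    return n;
}

int main(void)
{
    /* Constructed sample array, used only to exercise the walker. */
    char lo[] = "lo", eth0[] = "eth0";
    struct if_nameindex sample[] = { {1, lo}, {2, eth0}, {0, NULL} };
    printf("sample entries: %zu\n", walk_nameindex(sample, NULL));

    return list_interfaces(stdout) < 0;
}
```

Building the original program with -fsanitize=address reports the bad if_freenameindex() argument as an invalid free at the call site.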