From 5ad8e9140621a9a035270a96a1e0ad0750d5483a Mon Sep 17 00:00:00 2001 From: Bryan Call Date: Thu, 11 Dec 2025 15:12:17 -0800 Subject: [PATCH] Fix null pointer dereference in traffic_crashlog ServerBacktrace() can return 0 (success) but leave the trace pointer null when the target process has already exited. This caused a SEGV when fprintf() was called with the null trace pointer. Add a null check before using the trace pointer. --- src/traffic_crashlog/traffic_crashlog.cc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/traffic_crashlog/traffic_crashlog.cc b/src/traffic_crashlog/traffic_crashlog.cc index 65eee7bc50b..9354c5f838c 100644 --- a/src/traffic_crashlog/traffic_crashlog.cc +++ b/src/traffic_crashlog/traffic_crashlog.cc @@ -109,6 +109,11 @@ crashlog_write_backtrace(FILE *fp, pid_t pid, const crashlog_target &) return false; } + if (trace == nullptr) { + fprintf(fp, "Unable to retrieve backtrace: trace is null\n"); + return false; + } + fprintf(fp, "%s", trace); free(trace); return true;