bug-gnats

Re: Segmentation fault w/ Gnats 4.0.1


From: Chad Walstrom
Subject: Re: Segmentation fault w/ Gnats 4.0.1
Date: Mon, 22 Nov 2004 13:48:49 -0600
User-agent: Mutt/1.5.6+20040722i

Pankaj Garg wrote:
> Haven't had a chance to explore further, but it seems that the problem
> was happening when there was only an '\n' for the third field
> (address) in the responsible file. Seems like the isspace logic is
> somehow getting messed up. Before I dig deeper, just wanted to see if
> someone else has experienced anything like this.

It's a reasonable hack.  I can't see a situation where the current
pointer would be less than addrStart, so comparing equality is probably
good enough, but I agree that the comparison is needed.

When a single character string (i.e. '\0') is passed to xstrndup (found
in misc.c) with a length specification of zero (i.e. addr - addrStart ==
0), you get Bad Things.  xstrndup() should probably validate the length
parameter to protect against this type of error.  It passes the same
length parameter to memcpy().  This is where gnatsd is probably
crashing.

Good catch.  Thanks!

-- 
Chad Walstrom <chewie@wookimus.net>           http://www.wookimus.net/
           assert(expired(knowledge)); /* core dump */
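
The two checks discussed in this message, sketched as an added example that is not part of the original post and is not GNATS source code: a backward whitespace trim that never moves past the start of the field, and a copy routine that validates its length before calling memcpy(). The names checked_strndup and copy_trimmed_field are hypothetical, and the field is assumed to be a NUL-terminated string.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical length-checked copy; a stand-in, not GNATS's xstrndup(). */
static char *checked_strndup(const char *s, ptrdiff_t len)
{
    char *out;

    if (s == NULL || len < 0)
        return NULL;              /* refuse a negative span instead of passing it on */
    out = malloc((size_t)len + 1);
    if (out == NULL)
        return NULL;
    if (len > 0)
        memcpy(out, s, (size_t)len);
    out[len] = '\0';              /* len == 0 gives a valid empty string */
    return out;
}

/* Copy a field with its trailing whitespace removed.
   Assumption: start points at a NUL-terminated field such as an address. */
static char *copy_trimmed_field(const char *start)
{
    const char *end = start + strlen(start);

    /* The end > start test keeps the scan inside the field when it holds
       nothing but whitespace, e.g. a lone "\n". */
    while (end > start && isspace((unsigned char)end[-1]))
        end--;
    return checked_strndup(start, end - start);
}
```

The caller frees the returned string; a NULL return means the arguments were rejected or allocation failed.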
