[prev in list] [next in list] [prev in thread] [next in thread] 

List:       busybox
Subject:    [PATCH 0/1] BUG in lineedit.c: SEGFAULT
From:       Alexey Fomenko <ext-alexey.fomenko () nokia ! com>
Date:       2011-05-16 14:01:25
Message-ID: 1305554485.2443.213.camel () localhost ! localdomain
[Download RAW message or body]

BUG DESCRIPTION:
 In libbb/linnedit.c, read_line_input():
after signal handler assignment
> previous_SIGWINCH_handler = signal(SIGWINCH, win_changed);
function win_changed() will take care of signales, but cmdedit_prompt at this
moment is uninitialized, value will be assigned only in
parse_and_put_prompt(). So if we're getting SIGWINCH before
parse_and_put_prompt run, cmdedit_prompt (which is NULL) will be passed to
strlen() in the end, and there will be a SEGFAULT.
 Steps to produce: 
stop debugger on win_changed (line 2026, lineedit.c) and send SIGWINCH -
SEGFAULT immediately. 
 GDB example log is in attachment.

PATCH DESCRIPTION:
 Suggesting simple solution: move signal handler assignment to be called after
cmdedit_prompt initialization.

Alexey Fomenko (1):
  Move signal handler assignment to be called after cmdedit_prompt init

 libbb/lineedit.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

-- 
1.7.3.4



["debug.txt" (debug.txt)]

# gdb sh
GNU gdb (GDB) 7.2-debian
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "arm-linux-gnueabi".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /bin/sh...Reading symbols from /usr/lib/debug/bin/busybox...done.
done.
(gdb) break win_changed
Breakpoint 1 at 0x4fa0c: file libbb/lineedit.c, line 1835.
(gdb) run
Starting program: /bin/sh 



Breakpoint 1, win_changed (nsig=0) at libbb/lineedit.c:1835
1835    libbb/lineedit.c: No such file or directory.
        in libbb/lineedit.c
(gdb) signal SIGWINCH
Continuing with signal SIGWINCH.

Program received signal SIGSEGV, Segmentation fault.
strlen () at ../ports/sysdeps/arm/strlen.S:67
67      ../ports/sysdeps/arm/strlen.S: No such file or directory.
        in ../ports/sysdeps/arm/strlen.S
(gdb) 


_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic