bug-mdk

[bug-mdk] Crash freeing arg in cmd_pmem_()


From: Jason Uhlenkott
Subject: [bug-mdk] Crash freeing arg in cmd_pmem_()
Date: Sun, 13 May 2001 14:07:09 -0800 (AKDT)
User-agent: IMP/PHP IMAP webmail program 2.2.4

Hello,

$ ./mixvm --version
./mixvm 0.3.1, MIX Virtual Machine.
Copyright (C) 2000, 2001 Free Software Foundation, Inc.
GNU MDK is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
GNU MDK is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
$ ./mixvm
MIX > pmem 1000-1030
1000: + 00 00 00 00 00 (0000000000)
1001: + 00 00 00 00 00 (0000000000)
1002: + 00 00 00 00 00 (0000000000)
1003: + 00 00 00 00 00 (0000000000)
1004: + 00 00 00 00 00 (0000000000)
1005: + 00 00 00 00 00 (0000000000)
1006: + 00 00 00 00 00 (0000000000)
1007: + 00 00 00 00 00 (0000000000)
1008: + 00 00 00 00 00 (0000000000)
1009: + 00 00 00 00 00 (0000000000)
1010: + 00 00 00 00 00 (0000000000)
1011: + 00 00 00 00 00 (0000000000)
1012: + 00 00 00 00 00 (0000000000)
1013: + 00 00 00 00 00 (0000000000)
1014: + 00 00 00 00 00 (0000000000)
1015: + 00 00 00 00 00 (0000000000)
1016: + 00 00 00 00 00 (0000000000)
1017: + 00 00 00 00 00 (0000000000)
1018: + 00 00 00 00 00 (0000000000)
1019: + 00 00 00 00 00 (0000000000)
1020: + 00 00 00 00 00 (0000000000)
1021: + 00 00 00 00 00 (0000000000)
1022: + 00 00 00 00 00 (0000000000)
1023: + 00 00 00 00 00 (0000000000)
1024: + 00 00 00 00 00 (0000000000)
1025: + 00 00 00 00 00 (0000000000)
1026: + 00 00 00 00 00 (0000000000)
1027: + 00 00 00 00 00 (0000000000)
1028: + 00 00 00 00 00 (0000000000)
1029: + 00 00 00 00 00 (0000000000)
1030: + 00 00 00 00 00 (0000000000)
Segmentation fault (core dumped)
$ gdb ./mixvm core
GNU gdb 5.0
Copyright 2000 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux"...
Core was generated by `./mixvm'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/lib/libhistory.so.4.1...done.
Loaded symbols for /usr/lib/libhistory.so.4.1
Reading symbols from /usr/lib/libreadline.so.4.1...done.
Loaded symbols for /usr/lib/libreadline.so.4.1
Reading symbols from /usr/lib/libncurses.so.5...done.
Loaded symbols for /usr/lib/libncurses.so.5
Reading symbols from /usr/lib/libgmodule-1.2.so.0...done.
Loaded symbols for /usr/lib/libgmodule-1.2.so.0
Reading symbols from /usr/lib/libglib-1.2.so.0...done.
Loaded symbols for /usr/lib/libglib-1.2.so.0
Reading symbols from /lib/libdl.so.2...done.
Loaded symbols for /lib/libdl.so.2
Reading symbols from /usr/lib/libgtk-1.2.so.0...done.
Loaded symbols for /usr/lib/libgtk-1.2.so.0
Reading symbols from /usr/lib/libgdk-1.2.so.0...done.
Loaded symbols for /usr/lib/libgdk-1.2.so.0
Reading symbols from /usr/X11R6/lib/libXi.so.6...done.
Loaded symbols for /usr/X11R6/lib/libXi.so.6
Reading symbols from /usr/X11R6/lib/libXext.so.6...done.
Loaded symbols for /usr/X11R6/lib/libXext.so.6
Reading symbols from /usr/X11R6/lib/libX11.so.6...done.
Loaded symbols for /usr/X11R6/lib/libX11.so.6
Reading symbols from /lib/libm.so.6...done.
Loaded symbols for /lib/libm.so.6
Reading symbols from /usr/lib/libglade.so.0...done.
Loaded symbols for /usr/lib/libglade.so.0
Reading symbols from /usr/lib/libxml.so.1...done.
Loaded symbols for /usr/lib/libxml.so.1
---Type <return> to continue, or q <return> to quit---
Reading symbols from /usr/lib/libz.so.1...done.
Loaded symbols for /usr/lib/libz.so.1
Reading symbols from /lib/libc.so.6...done.
Loaded symbols for /lib/libc.so.6
Reading symbols from /lib/ld-linux.so.2...done.
Loaded symbols for /lib/ld-linux.so.2
#0  chunk_free (ar_ptr=0x404c4c00, p=0x807bc05) at malloc.c:3070
3070    malloc.c: No such file or directory.
(gdb) bt
#0  chunk_free (ar_ptr=0x404c4c00, p=0x807bc05) at malloc.c:3070
#1  0x4042668c in __libc_free (mem=0x807bc0d) at malloc.c:3044
#2  0x400a8ce2 in g_free () from /usr/lib/libglib-1.2.so.0
#3  0x8053f5a in cmd_pmem_ (dis=0x80711f0, carg=0x807bc2d "1000-1030")
    at mix_vm_command.c:745
#4  0x805312f in mix_vm_cmd_dispatcher_dispatch (dis=0x80711f0, 
    cmd=MIX_CMD_PMEM, arg=0x807bc2d "1000-1030") at mix_vm_command.c:284
#5  0x804ca6a in mixvm_cmd_exec (line=0x807bc28 "pmem") at mixvm_command.c:362
#6  0x804c398 in mix_vmloop (file=0x0, use_emacs=0) at mixvm_loop.c:79
#7  0x804c246 in main (argc=1, argv=0xbffff9ec) at mixvm.c:131
#8  0x403c8a2c in __libc_start_main (main=0x804c07c <main>, argc=1, 
    ubp_av=0xbffff9ec, init=0x804ba74 <_init>, fini=0x805727c <_fini>, 
    rtld_fini=0x4000d3c8 <_dl_fini>, stack_end=0xbffff9e4)
    at ../sysdeps/generic/libc-start.c:111
(gdb) 


Here's a fix:
--- mix_vm_command.c.orig       Fri Apr  6 22:02:28 2001
+++ mix_vm_command.c    Sun May 13 17:53:17 2001
@@ -694,6 +694,7 @@
   int i = 0;
   gboolean error = FALSE;
   gchar *arg = NULL;
+  gchar *endp;
   
   if ( strlen (carg) == 0 )
     {
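Review bot: the new `gchar *endp;` is declared without an initializer while the neighbouring `gchar *arg = NULL;` is; since `endp` is only assigned inside the range branch of the parser, `gchar *endp = NULL;` keeps the two declarations consistent and guarantees any read of `endp` outside that branch sees a defined value. A one-line comment here saying that `arg` must keep the pointer returned by the allocation because it is later passed to g_free() (the `g_free` frame below `cmd_pmem_` in the backtrace at mix_vm_command.c:745) would document why the second pointer exists at all.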
@@ -711,16 +712,16 @@
     {
       arg[i++] = '\0';
       begin = atol (arg);
-      arg = arg + i;
+      endp = arg + i;
       i = 0;
-      while (isdigit (arg[i]))
+      while (isdigit (endp[i]))
        i++;
-      while (isspace (arg[i]))
+      while (isspace (endp[i]))
        i++;
-      if (arg[i] != '\0') 
+      if (endp[i] != '\0') 
        error = TRUE;
       else 
-       end = atol (arg);
+       end = atol (endp);
     }
   else
     error = TRUE;
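Review bot: replacing `arg = arg + i` with `endp = arg + i` is the right fix, because afterwards `arg` is still the pointer the allocator returned and the `g_free` in `cmd_pmem_` no longer receives an interior pointer (the backtrace shows `mem=0x807bc0d`, an offset into the allocation, reaching `chunk_free`). Two points remain in the parsing itself: with an argument such as `1000-`, `endp[0]` is `'\0'`, so both loops stop at `i == 0`, the `endp[i] != '\0'` check passes, and `end = atol (endp)` silently yields 0 instead of flagging an error; adding `if (!isdigit (endp[0])) error = TRUE;` before the loops closes that. Also, `isdigit (endp[i])` and `isspace (endp[i])` are called on a plain `gchar`, which is undefined for negative values on platforms where `char` is signed; casting the argument to `(unsigned char)` avoids that.

The crash in this report comes from advancing the only pointer to a heap buffer and then freeing the advanced value. Below is an added example, not code from GNU MDK, showing the same "BEGIN-END" range parser written so that the allocation pointer is never moved and so that a missing END or a reversed range is reported instead of silently accepted; it uses libc `strdup`/`free` in place of the glib allocation that `cmd_pmem_` uses, and the function name `parse_range` is my own.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Parse "ADDR" or "BEGIN-END" into *begin and *end.
   Returns 1 on success, 0 on a malformed argument.
   The duplicated buffer is released only through the pointer that
   strdup() returned; a separate pointer (endp) walks the END part,
   which is exactly the change the patch above makes. */
int parse_range(const char *carg, long *begin, long *end)
{
    char *arg, *endp;
    int i = 0, ok = 1;

    if (carg == NULL || carg[0] == '\0')
        return 0;
    arg = strdup(carg);                /* owned pointer: must stay put */
    if (arg == NULL)
        return 0;

    /* leading number */
    while (isdigit((unsigned char)arg[i]))
        i++;
    if (i == 0) {
        ok = 0;                        /* no number at all */
    } else if (arg[i] == '\0') {
        *begin = *end = atol(arg);     /* single address */
    } else if (arg[i] == '-') {
        arg[i++] = '\0';
        *begin = atol(arg);
        endp = arg + i;                /* second pointer; arg is unchanged */
        i = 0;
        while (isdigit((unsigned char)endp[i]))
            i++;
        if (i == 0) {
            ok = 0;                    /* "1000-" : reject, not end = 0 */
        } else {
            int j = i;
            while (isspace((unsigned char)endp[j]))
                j++;
            if (endp[j] != '\0')
                ok = 0;                /* trailing garbage after END */
            else
                *end = atol(endp);
        }
    } else {
        ok = 0;                        /* unexpected separator */
    }

    if (ok && *begin > *end)
        ok = 0;                        /* reversed range */

    free(arg);                         /* original allocation pointer */
    return ok;
}

int main(void)
{
    /* constructed inputs, including the one from the bug report */
    const char *samples[] = { "1000-1030", "1000", "1000-", "1030-1000", "1000-10x" };
    size_t n;
    for (n = 0; n < sizeof samples / sizeof samples[0]; n++) {
        long b = 0, e = 0;
        int ok = parse_range(samples[n], &b, &e);
        printf("%-10s -> %s", samples[n], ok ? "ok" : "error");
        if (ok)
            printf(" begin=%ld end=%ld", b, e);
        putchar('\n');
    }
    return 0;
}
```

Running the example with the report's argument prints `1000-1030 -> ok begin=1000 end=1030`, while `1000-`, `1030-1000` and `1000-10x` are rejected; the `free(arg)` at the end is reached on every path with the pointer the allocator handed out.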


