[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Lynx-dev] SIGSEGV in scan_cookie_sublist
From: |
Thomas Dickey |
Subject: |
Re: [Lynx-dev] SIGSEGV in scan_cookie_sublist |
Date: |
Mon, 01 Apr 2013 19:32:49 -0400 |
User-agent: |
Mutt/1.5.20 (2009-06-14) |
On Mon, Apr 01, 2013 at 09:01:07PM +0000, Thorsten Glaser wrote:
> Dixi quod…
>
> >possibly a use-after-free, possibly a corruption).
>
> Definitely use-after-free and on the site that recently
> changed their layout visibly (and thus, maybe cookies):
sadly, neither clang --analyze or coverity found anything to say about
LYCookie.c
...
That's plausible - valgrind isn't finding anything interesting if I'm not
exercising the
corresponding type of change to a cookie. For instance, lots of sites abuse
the expiration
date. But I could construct my own cookie with a name not known to the site
that does
expire before the current session. It might not be the expiration date, but
some other
scenario.
You might get some insight on this by running with
lynx -trace -trace-mask=32
(even, with the 0xdf's, seeing some corruption in the trace)
If I had a reproducible problem in cookies, I'd find it useful to have a
trace-function
that dumps the list from various points, so I could more easily spot (in the
long trace)
where it broke. If the linked-list is broken, tracing it more often would
likely cause
the program to die near the actual problem.
> (gdb) bt
> #0 scan_cookie_sublist (hostname=0xa68fe080 "www.fanfiction.net",
> path=0xa0fc5080 "/s/7680982/10", port=80, sublist=0xa877ffe0, header=0x0,
> secure=0)
> at /usr/src/gnu/usr.bin/lynx/src/LYCookie.c:726
From your earlier comment -
The sprintf on line 724 printf 4 bytes into an 8-byte buffer.
> #1 0x1c0794bf in LYAddCookieHeader (hostname=0xa68fe080 "www.fanfiction.net",
> path=0xa0fc5080 "/s/7680982/10", port=80, secure=0)
> at /usr/src/gnu/usr.bin/lynx/src/LYCookie.c:1886
> #2 0x1c08eefd in HTLoadHTTP (arg=0xa53bdb80
> "http://www.fanfiction.net/s/7680982/10",
> anAnchor=0xa7656c00, format_out=0xa0f806a0, sink=0x0)
> at /usr/src/gnu/usr.bin/lynx/WWW/Library/Implementation/HTTP.c:1360
I'm not seeing any cookies if I browse this site :-(
--
Thomas E. Dickey <address@hidden>
http://invisible-island.net
ftp://invisible-island.net
signature.asc
Description: Digital signature