[FDclone-users:00976] アーカイブブラウザでSEGV
- Subject: [FDclone-users:00976] アーカイブブラウザでSEGV
- From: "Hironao Komatsu" <hirkmt@gmail.com>
- Date: Sun, 22 Apr 2012 13:53:19 +0900
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed;d=gmail.com; s=20120113;h=content-type:to:date:subject:mime-version:content-transfer-encoding:from:message-id:user-agent;bh=6XrEJMZjwozFTpSsiAgUtdj0u9ZNsEQbJzYV3G3i2pc=;b=olseNPvkiIcqmhstq6xob9vckQr5vAUdwwIvBzzfKyC9Ga+20S9LkjswPnbLvxNJjJCPVc0LRwOycrNoJ3ouHwA5vSZRFonkDcbkGeNWR0MHe2DUVMzCa+QiVctA31zRNp7ck68iS5UaFByXf2e6gZqph8hkfRNIDcx3G3Ybi+fDKBt2aHuHi/61MpUnBcyDf05bsiJi0z4mL8ocY/U6VDVB63ktpAKQjJFrPn+HPTDlxPYnsmObIbqZEJ676fL5qWy3uxTbuqhhmf3QyedCeN48Yd5BX+hb0a7eKgyLchy7sxh5ul0SkiLvl+rq+/I/8EHovrdlrbXbhfgT3WxX1A==
小松です。
適当にzipやtar.gzなアーカイブを置き、それを閲覧しようとすると低確率
でSEGVります。同一のアーカイブに対しても再現したりしなかったりしま
す。
hironao@cynthia:~/FD-3.00k% ./fd
zsh: segmentation fault (core dumped) ./fd
hironao@cynthia:~/FD-3.00k% gdb ./fd core
GNU gdb (Gentoo 7.3.1 p2) 7.3.1
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu".
For bug reporting instructions, please see:
<http://bugs.gentoo.org/>...
Reading symbols from /home/hironao/FD-3.00k/fd...done.
[New LWP 11740]
warning: Can't read pathname for load map: 入力/出力エラーです.
Core was generated by `./fd'.
Program terminated with signal 11, Segmentation fault.
#0 0x08051df1 in Xstrdup (s=0x73252067 <Address 0x73252067 out of bounds>)
at malloc.c:94
94 n = strlen(s);
(gdb) bt
#0 0x08051df1 in Xstrdup (s=0x73252067 <Address 0x73252067 out of bounds>)
at malloc.c:94
#1 0x080c7781 in setlastfile (
cp=0x73252067 <Address 0x73252067 out of bounds>) at browse.c:1098
#2 0x080c96f2 in browsedir () at browse.c:1790
#3 0x080c9ace in main_fd (pathlist=0xbfb3e3b8, internal=0) at
browse.c:1968
#4 0x0804bef1 in main (argc=<optimized out>, argv=0xbfb3e3b4,
envp=0xbfb3e3bc)
at main.c:1583
(gdb) up 2
#2 0x080c96f2 in browsedir () at browse.c:1790
1790 else setlastfile(filelist[filepos].name);
(gdb) l
1785 }
1786
1787 if (no >= FNC_EFFECT) {
1788 if (lastfile) /*EMPTY*/;
1789 else if (filepos >= maxfile) setlastfile(curpath);
1790 else setlastfile(filelist[filepos].name);
1791 }
1792 #ifndef _NOARCHIVE
1793 else if (archivefile && no < FNC_NONE) {
1794 setlastfile(archivefile);
(gdb) p filepos
No symbol "filepos" in current context.
ええと、マクロ展開を追跡して、
(gdb) p winvar[0]
$2 = {v_archduplp = 0x972cdd0, v_archivedir = 0x0,
v_archivefile = 0x972ced8 "hoge.tar.gz", v_archtmpdir = 0x0,
v_launchp = 0x971a5f8, v_arcflist = 0x972b710, v_maxarcf = 2,
v_archdrive = 0, v_browselist = 0x0, v_browselevel = 0, v_treepath = 0x0,
v_fullpath = 0x0, v_lastfile = 0x0, v_findpattern = 0x0,
v_filelist = 0x9726ee8, v_maxfile = 0, v_maxent = 256, v_filepos = -1,
v_sorton = 1, v_dispmode = 4, v_fileperrow = 18}
v_fileposが-1になっているのがSEGVの理由らしいです。
以下のパッチは、単にSEGVを回避するだけです。
--- browse.c~ 2012-04-21 00:00:00.000000000 +0900
+++ browse.c 2012-04-21 17:17:36.006424858 +0900
@@ -1787,7 +1787,10 @@
if (no >= FNC_EFFECT) {
if (lastfile) /*EMPTY*/;
else if (filepos >= maxfile) setlastfile(curpath);
- else setlastfile(filelist[filepos].name);
+ else {
+ if (filepos < 0) filepos = 0;
+ setlastfile(filelist[filepos].name);
+ }
}
#ifndef _NOARCHIVE
else if (archivefile && no < FNC_NONE) {
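Review bot: Clamping `filepos` to 0 in the new `else` block still reads `filelist[0].name` when the list is empty. The gdb dump above shows `v_maxfile = 0` alongside `v_filepos = -1`, so index 0 is not a valid entry either, and its `name` may be stale or uninitialized even though the array itself looks allocated (`v_maxent = 256`). Folding the negative case into the existing range check avoids the read entirely: `else if (filepos < 0 || filepos >= maxfile) setlastfile(curpath);`, with the original `else setlastfile(filelist[filepos].name);` left as it was. That also avoids assigning to `filepos`, which per the dump appears to be a macro over per-window state (`winvar[].v_filepos`), so the clamp silently changes the cursor position for later code. The place where `filepos` becomes -1 is outside this hunk and is still worth tracing, since the failure is intermittent; `browsedir` continues beyond the lines shown.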
--
Hironao Komatsu <hirkmt@gmail.com>