[BusyBox 0001120]: patch crashes on BusyBox 1.2.2 patching glibc-2.4
bugs at busybox.net
Sun Dec 17 00:33:56 UTC 2006
The following issue has been CLOSED
======================================================================
http://busybox.net/bugs/view.php?id=1120
======================================================================
Reported By: cziom
Assigned To: BusyBox
======================================================================
Project: BusyBox
Issue ID: 1120
Category: Other
Reproducibility: always
Severity: crash
Priority: normal
Status: closed
Resolution: open
Fixed in Version:
======================================================================
Date Submitted: 12-16-2006 14:40 PST
Last Modified: 12-16-2006 16:33 PST
======================================================================
Summary: patch crashes on BusyBox 1.2.2 patching glibc-2.4
Description:
Executing busybox 'patch' applet encounters a double free error and
crashes.
On a LinuxFromScratch pure64 build on an AMD Opteron system, kernel
2.6.19, patching glibc-2.4 with the glibc-2.4-localedef_segfault-1.patch
using the gnu patch utility produces the following correct results:
patching file locale/programs/3level.h
Hunk #1 succeeded at 311 with fuzz 2 (offset 107 lines).
However, when using the BusyBox patch applet, the following occurs:
patching file locale/programs/3level.h
patch: Hunk #1 FAILED at 204.
patch: 1 out of 1 hunk FAILED
*** glibc detected *** patch: double free or corruption (!prev): 0x00000000005cf280 ***
======= Backtrace: =========
/tools/lib/libc.so.6[0x2af46ff640ad]
/tools/lib/libc.so.6(__libc_free+0x6c)[0x2af46ff656ac]
patch[0x46854f]
patch[0x478bae]
patch[0x478c13]
/tools/lib/libc.so.6(__libc_start_main+0xf4)[0x2af46ff18094]
patch[0x407569]
Aborted
BusyBox patch does not specify if it supports fuzz=2. It should not crash
in any case. I have not attempted to replicate this error on a standard 32
bit system. It is unknown whether similar behavior will occur in other
environments.
======================================================================
----------------------------------------------------------------------
vda - 12-16-06 15:54
----------------------------------------------------------------------
Attachment bbox_patch_crash.tar.bz2 seems corrupted:
/usr/bin/bzip2 -t bbox_patch_crash.tar.bz2
bzip2: bbox_patch_crash.tar.bz2: data integrity (CRC) error in data
...
# /usr/bin/bzip2 --help
bzip2, a block-sorting file compressor. Version 1.0.2, 30-Dec-2001.
...
----------------------------------------------------------------------
vda - 12-16-06 16:02
----------------------------------------------------------------------
Corrected archive is uploaded
----------------------------------------------------------------------
vda - 12-16-06 16:31
----------------------------------------------------------------------
Fix:
bb_error_msg("hunk
#%d FAILED at %d", hunk_count, hunk_offset_start);
hunk_error++;
free(patch_line);
+ patch_line =
NULL;
break;
}
free(src_line);
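Review bot: On the failure path the break is taken before the free(src_line) that follows the closing brace, so unless src_line is released somewhere outside the visible lines it leaks every time a hunk fails; freeing it next to free(patch_line) would cover that. The new patch_line = NULL assignment also deserves a one-line comment naming the later free it guards against, since nothing in these lines shows why the reset is needed.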
It doesn't crash anymore.
However bbox patch is still failing to apply the patch, while
patch 2.5.4 succeeds:
patching file 3level.h
Hunk #1 succeeded at 202 (offset -2 lines).
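The double free reported above and the effect of resetting the pointer after freeing it, modelled as an added example (not BusyBox source and not part of the bug report). release() is a hypothetical stand-in for free() that counts repeat releases; walk_hunk(), next_line() and the sample lines are constructed for illustration, and the cleanup after the loop is an assumption about where the second free happens.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model and sample input, not BusyBox source; release() stands in for free(). */
static void *released[16];
static int n_released, double_frees;
static void release(void *p)
{
    if (p == NULL) return;                          /* free(NULL) is a no-op */
    for (int i = 0; i < n_released; i++)
        if (released[i] == p) { double_frees++; return; }   /* second release */
    if (n_released < 16) released[n_released++] = p;  /* real free is deferred */
}

static char *next_line(const char *const *lines, int *pos)
{
    const char *s = lines[*pos];
    char *copy = s ? malloc(strlen(s) + 1) : NULL;  /* NULL marks end of input */
    if (s && !copy) abort();
    if (copy) { strcpy(copy, s); (*pos)++; }
    return copy;
}

int walk_hunk(const char *const *patch, const char *const *src, int null_after_free)
{
    char *patch_line;
    int pp = 0, sp = 0;
    n_released = double_frees = 0;
    while ((patch_line = next_line(patch, &pp)) != NULL) {
        char *src_line = next_line(src, &sp);
        int mismatch = !src_line || strcmp(src_line, patch_line + 1) != 0;
        release(src_line);
        release(patch_line);
        if (mismatch && null_after_free) patch_line = NULL;  /* the reset */
        if (mismatch) break;                        /* "hunk FAILED" exit */
    }
    release(patch_line);          /* cleanup shared by EOF and failure exits */
    for (int i = 0; i < n_released; i++) free(released[i]);
    return double_frees;          /* pointers released twice during this walk */
}

const char *const PATCH[]   = { " int a;", "-int b;", " int c;", NULL };
const char *const SRC_OK[]  = { "int a;", "int b;", "int c;", NULL };
const char *const SRC_BAD[] = { "int a;", "int x;", "int c;", NULL };

int main(void)
{
    printf("unfixed=%d fixed=%d\n", walk_hunk(PATCH, SRC_BAD, 0), walk_hunk(PATCH, SRC_BAD, 1));
}
```

A hunk that applies cleanly never triggers the problem because the loop exits with the pointer already NULL; only the early exit leaves a stale pointer for the shared cleanup.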
----------------------------------------------------------------------
vda - 12-16-06 16:33
----------------------------------------------------------------------
Fixed in rev 16978
Issue History
Date Modified Username Field Change
======================================================================
12-16-06 14:40 cziom New Issue
12-16-06 14:40 cziom Status new => assigned
12-16-06 14:40 cziom Assigned To => BusyBox
12-16-06 14:40 cziom File Added: bbox_patch_crash.tar.bz2
12-16-06 15:54 vda Note Added: 0001870
12-16-06 16:01 vda File Added: bbox_patch-p3_crash.tar.bz2
12-16-06 16:02 vda Note Added: 0001871
12-16-06 16:31 vda Note Added: 0001872
12-16-06 16:33 vda Status assigned => closed
12-16-06 16:33 vda Note Added: 0001873
======================================================================