vi.c coredump
walter harms
wharms at bfs.de
Thu Jun 19 14:36:22 UTC 2008
Hi list,
some news about the bug: It is present at least in 1.9.1 maybe earlier
It happens in insert_char when ENABLE_FEATURE_VI_SETOPTS is set
p = stupid_insert(p, c); // insert the char
#if ENABLE_FEATURE_VI_SETOPTS
if (showmatch && strchr(")]}", *sp) != NULL) {
showmatching(sp);
}
if (autoindent && c == '\n') { // auto indent the new line
char *q;
this code here assumes that is valid BUT /* please ignore the testcode */
if (p!=NULL) {
q = prev_line(p); // use prev line as templet
for (; isblank(*q); q++) {
p = stupid_insert(p, *q); // insert the char
}
} else {
printf("eeek\n");
}
this is not true. stupid_insert() can return NULL (see:text_hole_make() error path)
the crash can be prevented with "if (autoindent && c == '\n' && !p )" but i have no clue
what side effects that may have. Other occurrences of stupid_insert() should be visited also.
re,
wh
ps: i am sorry i forget to add the backtrace last mail
walter harms wrote:
> hi list,
> i can produce a nasty bug in vi.
> I noticed it first with 10.3 but it seems to be present in earlier versions.
>
> I can produce the bug this way:
> start vi
> goto insert mode
> select a screenfull of data with Xcursor
> clip data into vi
> <crash>
> Your mileage may vary; picking only a few data will cause no harm.
>
> btw: it is very unlikely that the problem is related to the compiler
> since it happens on my desktop and in the embedded (non x86) system.
>
> The following crash is with snapshot busybox-2008-03-04
>
> Program received signal SIGSEGV, Segmentation fault.
> 0x08052895 in prev_line (p=0x0) at vi.c:1308
> 1308 if (p[-1] == '\n' && p > text)
>
>
> re,
> wh
>
> ps: the .config is attached
>
> pps: i have reported the bug early because i guess that the c&p approach may be used
> by more people.
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> busybox mailing list
> busybox at busybox.net
> http://busybox.net/cgi-bin/mailman/listinfo/busybox
More information about the busybox
mailing list