[PATCH 0/1] BUG in lineedit.c: SEGFAULT
ext-alexey.fomenko at nokia.com
Mon May 16 14:01:25 UTC 2011
In libbb/lineedit.c, read_line_input():
after signal handler assignment
> previous_SIGWINCH_handler = signal(SIGWINCH, win_changed);
function win_changed() will take care of signals, but cmdedit_prompt at this
moment is uninitialized, value will be assigned only in
parse_and_put_prompt(). So if we're getting SIGWINCH before
parse_and_put_prompt run, cmdedit_prompt (which is NULL) will be passed to
strlen() in the end, and there will be a SEGFAULT.
Steps to produce:
stop debugger on win_changed (line 2026, lineedit.c) and send SIGWINCH -
GDB example log is in attachment.
Suggesting simple solution: move signal handler assignment to be called after
Alexey Fomenko (1):
Move signal handler assignment to be called after cmdedit_prompt init
libbb/lineedit.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
-------------- next part --------------
# gdb sh
GNU gdb (GDB) 7.2-debian
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "arm-linux-gnueabi".
For bug reporting instructions, please see:
Reading symbols from /bin/sh...Reading symbols from /usr/lib/debug/bin/busybox...done.
(gdb) break win_changed
Breakpoint 1 at 0x4fa0c: file libbb/lineedit.c, line 1835.
Starting program: /bin/sh
Breakpoint 1, win_changed (nsig=0) at libbb/lineedit.c:1835
1835 libbb/lineedit.c: No such file or directory.
(gdb) signal SIGWINCH
Continuing with signal SIGWINCH.
Program received signal SIGSEGV, Segmentation fault.
strlen () at ../ports/sysdeps/arm/strlen.S:67
67 ../ports/sysdeps/arm/strlen.S: No such file or directory.
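
The ordering problem described in this message, as an added C example that is not part of the original post or of BusyBox: `prompt`, `on_winch` and the two driver functions are hypothetical stand-ins for `cmdedit_prompt`, `win_changed()` and `read_line_input()`. The NULL guard in the handler is an assumption added here so the unsafe ordering can be observed without crashing.

```c
#include <signal.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins for the lineedit.c state named in the report. */
static const char *volatile prompt;       /* NULL until set, like cmdedit_prompt */
static volatile sig_atomic_t seen_len;    /* prompt length the handler computed */
static volatile sig_atomic_t saw_null;    /* handler ran before the prompt existed */

static void on_winch(int sig)
{
    (void)sig;
    const char *p = prompt;
    if (p == NULL) {        /* added guard: without it strlen(NULL) faults here */
        saw_null = 1;
        return;
    }
    seen_len = (sig_atomic_t)strlen(p);
}

static void reset(void) { prompt = NULL; seen_len = -1; saw_null = 0; }

/* Order described in the report: handler installed, prompt set afterwards. */
int handler_before_init(void)
{
    reset();
    void (*old)(int) = signal(SIGWINCH, on_winch);
    raise(SIGWINCH);        /* constructed: a resize arriving inside the window */
    prompt = "$ ";
    signal(SIGWINCH, old);
    return saw_null;        /* 1: handler observed the uninitialised prompt */
}

/* Order the patch proposes: prompt set first, handler installed afterwards. */
int init_before_handler(void)
{
    reset();
    prompt = "$ ";
    void (*old)(int) = signal(SIGWINCH, on_winch);
    raise(SIGWINCH);
    signal(SIGWINCH, old);
    return saw_null ? -1 : (int)seen_len;   /* length of "$ " */
}

int main(void)
{
    printf("handler first: saw NULL prompt = %d\n", handler_before_init());
    printf("init first:    prompt length   = %d\n", init_before_handler());
    return 0;
}
```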