Bug#: 201646
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Toolchain Maintainers <toolchain@gentoo.org>
Reporter: SpanKY <vapier@gentoo.org>

Description:   Opened: 2007-12-08 02:50 0000
looks like glibc-2.7 crashes when using the allocation flag to scanf() and
reading of strings, and the input string is an empty string

got verification from various sources/arches ... here's the output on ppc

*** glibc detected *** ./a.out: munmap_chunk(): invalid pointer: 0xff9360a0 ***
======= Backtrace: =========
/lib/libc.so.6[0xfec0318]
/lib/libc.so.6(_IO_vfscanf+0x15bc)[0xfe9d16c]
/lib/libc.so.6(vsscanf+0x94)[0xfeae0b4]
/lib/libc.so.6(_IO_sscanf+0x84)[0xfea6c04]
./a.out[0x100004d0]
/lib/libc.so.6[0xfe5eb00]
/lib/libc.so.6[0xfe5ecc0]
======= Memory map: ========
00100000-00103000 r-xp 00100000 00:00 0 [vdso]
0fe40000-0ff9c000 r-xp 00000000 08:04 20889953 /lib/libc-2.7.so
0ff9c000-0ffac000 ---p 0015c000 08:04 20889953 /lib/libc-2.7.so
0ffac000-0ffb0000 r--p 0015c000 08:04 20889953 /lib/libc-2.7.so
0ffb0000-0ffb1000 rw-p 00160000 08:04 20889953 /lib/libc-2.7.so
0ffb1000-0ffb4000 rw-p 0ffb1000 00:00 0
0ffc0000-0ffdf000 r-xp 00000000 08:04 20889952 /lib/ld-2.7.so
0ffef000-0fff0000 r--p 0001f000 08:04 20889952 /lib/ld-2.7.so
0fff0000-0fff1000 rw-p 00020000 08:04 20889952 /lib/ld-2.7.so
10000000-10001000 r-xp 00000000 08:04 8921485 /usr/local/src/blackfin/svn/toolchain/branches/toolchain_07r1_branch/genext2fs/build/a.out
10010000-10011000 r--p 00000000 08:04 8921485 /usr/local/src/blackfin/svn/toolchain/branches/toolchain_07r1_branch/genext2fs/build/a.out
10011000-10012000 rw-p 00001000 08:04 8921485 /usr/local/src/blackfin/svn/toolchain/branches/toolchain_07r1_branch/genext2fs/build/a.out
10012000-10033000 rwxp 10012000 00:00 0 [heap]
f7fd5000-f7fd7000 rw-p f7fd5000 00:00 0
ff922000-ff938000 rw-p ffffffea000 00:00 0 [stack]
Aborted

------- Comment #1 From SpanKY 2007-12-08 02:50:54 0000 -------
test code:
int main() { char *path; return sscanf ("", "%as", &path); }
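
A defensive way to call the allocating string conversion, as an added example that is not part of the original report or of glibc: it uses the POSIX `%ms` modifier rather than the GNU `%as` form in the test code above, and `parse_pair` and the sample inputs are hypothetical. It goes beyond the empty-string input reported here to cover the partial-match case as well.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not from the bug report): parse "key value" from
 * line using the POSIX "m" allocation modifier. Returns the number of
 * fields stored (0, 1 or 2); the caller owns and frees *key and *val. */
int parse_pair(const char *line, char **key, char **val)
{
    /* Start from NULL so free() is safe no matter how far sscanf got. */
    *key = NULL;
    *val = NULL;

    int n = sscanf(line, "%ms %ms", key, val);

    /* Empty or all-whitespace input is an input failure: sscanf returns
     * EOF and no field is assigned. This is the empty-input case from
     * the report, so treat it as "zero fields" rather than an error code. */
    if (n == EOF)
        n = 0;

    /* Never trust a pointer for a conversion that did not complete. */
    if (n < 2) { free(*val); *val = NULL; }
    if (n < 1) { free(*key); *key = NULL; }
    return n;
}

int main(void)
{
    /* Constructed sample inputs: empty, blank, partial and full match. */
    const char *samples[] = { "", "   ", "path", "path /usr/lib" };
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++) {
        char *k, *v;
        int n = parse_pair(samples[i], &k, &v);
        printf("\"%s\" -> %d field(s), key=%s val=%s\n", samples[i], n,
               k ? k : "(null)", v ? v : "(null)");
        free(k);
        free(v);
    }
    return 0;
}
```
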

------- Comment #2 From SpanKY 2007-12-10 01:13:32 0000 -------
fixed in glibc-2.7-r1

------- Comment #3 From SpanKY 2007-12-10 01:15:04 0000 -------
http://sources.gentoo.org/gentoo/src/patchsets/glibc/2.7/0050_all_glibc-2.7-sscanf-as-BZ5441.patch?rev=1.1

------- Comment #4 From Norberto Bensa 2007-12-11 04:24:19 0000 -------
Is this fix the cause of samba, cups, and kopete (so far) crashing?

I'm currently re-emerging 2.7-r0, but I can make some tests if you guide me.

------- Comment #5 From Norberto Bensa 2007-12-11 04:39:05 0000 -------
Ignore my last message. Cups and Samba are crashing because of libgcrypt-1.4.0.
