289396 – media-gfx/xfig-3.2.5-r3: core dump

Bug 289396 - media-gfx/xfig-3.2.5-r3: core dump

Summary: media-gfx/xfig-3.2.5-r3: core dump

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Peter Volkov (RETIRED)

URL:
Whiteboard:
Keywords:

Depends on:	286483
Blocks:
	Show dependency tree

Reported:	2009-10-16 21:26 UTC by Martin Mokrejš
Modified:	2010-01-14 20:39 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
xfig-crash.txt (xfig-crash.txt,18.09 KB, text/plain) 2009-10-16 21:28 UTC, Martin Mokrejš	Details
testcase.xfig (c-myc.xfig,107.71 KB, application/octet-stream) 2009-10-16 22:43 UTC, Martin Mokrejš	Details
fixes the zoom overflow (xfig-3.2.5-rulers-overflow.patch,2.24 KB, patch) 2009-10-30 22:30 UTC, peyser.alex	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Martin Mokrejš 2009-10-16 21:26:36 UTC

$ xfig *.xfig
color = '#ffcccc'
*** buffer overflow detected ***: xfig terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x48)[0xb7c30448]
/lib/libc.so.6[0xb7c2e5b0]
/lib/libc.so.6[0xb7c2dc78]
/lib/libc.so.6(_IO_default_xsputn+0x9e)[0xb7bb763e]
/lib/libc.so.6(_IO_vfprintf+0x37f6)[0xb7b8e0e6]
/lib/libc.so.6(__vsprintf_chk+0xa7)[0xb7c2dd27]
/lib/libc.so.6(__sprintf_chk+0x2d)[0xb7c2dc6d]
xfig[0x80e9c1d]
xfig[0x80ea574]
xfig[0x80d6da9]
xfig[0x80d76e0]
/usr/lib/libXt.so.6[0xb7e7a930]
/usr/lib/libXt.so.6[0xb7e7ab89]
/usr/lib/libXt.so.6(_XtTranslateEvent+0x660)[0xb7e7b39b]
/usr/lib/libXt.so.6(XtDispatchEventToWidget+0x5c7)[0xb7e52fbf]
/usr/lib/libXt.so.6[0xb7e5359f]
/usr/lib/libXt.so.6(XtDispatchEvent+0xab)[0xb7e525f6]
xfig[0x8084603]
/lib/libc.so.6(__libc_start_main+0xe6)[0xb7b64a66]
xfig[0x804e9a1]
======= Memory map: ========
08048000-08146000 r-xp 00000000 08:03 32538891   /usr/bin/xfig
08146000-08147000 r--p 000fd000 08:03 32538891   /usr/bin/xfig
08147000-08163000 rw-p 000fe000 08:03 32538891   /usr/bin/xfig
08163000-082cb000 rw-p 00000000 00:00 0          [heap]
b7b00000-b7b1a000 r-xp 00000000 08:03 5128285    /usr/lib/gcc/i686-pc-linux-gnu/4.4.1/libgcc_s.so.1
b7b1a000-b7b1b000 r--p 00019000 08:03 5128285    /usr/lib/gcc/i686-pc-linux-gnu/4.4.1/libgcc_s.so.1
b7b1b000-b7b1c000 rw-p 0001a000 08:03 5128285    /usr/lib/gcc/i686-pc-linux-gnu/4.4.1/libgcc_s.so.1
b7b1c000-b7b20000 r-xp 00000000 08:03 28754344   /usr/lib/libXfixes.so.3.1.0
b7b20000-b7b21000 r--p 00003000 08:03 28754344   /usr/lib/libXfixes.so.3.1.0
b7b21000-b7b22000 rw-p 00004000 08:03 28754344   /usr/lib/libXfixes.so.3.1.0
b7b22000-b7b2a000 r-xp 00000000 08:03 31326213   /usr/lib/libXrender.so.1.3.0
b7b2a000-b7b2b000 r--p 00007000 08:03 31326213   /usr/lib/libXrender.so.1.3.0
b7b2b000-b7b2c000 rw-p 00008000 08:03 31326213   /usr/lib/libXrender.so.1.3.0
b7b2c000-b7b35000 r-xp 00000000 08:03 14993944   /usr/lib/libXcursor.so.1.0.2
b7b35000-b7b36000 r--p 00008000 08:03 14993944   /usr/lib/libXcursor.so.1.0.2
b7b36000-b7b37000 rw-p 00009000 08:03 14993944   /usr/lib/libXcursor.so.1.0.2
b7b37000-b7b39000 rw-p 00000000 00:00 0 
b7b39000-b7b3b000 r-xp 00000000 08:03 10698805   /lib/libdl-2.10.1.so
b7b3b000-b7b3c000 r--p 00002000 08:03 10698805   /lib/libdl-2.10.1.so
b7b3c000-b7b3d000 rw-p 00003000 08:03 10698805   /lib/libdl-2.10.1.so
b7b3d000-b7b42000 r-xp 00000000 08:03 14994488   /usr/lib/libXdmcp.so.6.0.0
b7b42000-b7b43000 r--p 00004000 08:03 14994488   /usr/lib/libXdmcp.so.6.0.0
b7b43000-b7b44000 rw-p 00005000 08:03 14994488   /usr/lib/libXdmcp.so.6.0.0
b7b44000-b7b46000 r-xp 00000000 08:03 12321491   /usr/lib/libXau.so.6.0.0
b7b46000-b7b47000 r--p 00001000 08:03 12321491   /usr/lib/libXau.so.6.0.0
b7b47000-b7b48000 rw-p 00002000 08:03 12321491   /usr/lib/libXau.so.6.0.0
b7b48000-b7b49000 rw-p 00000000 00:00 0 
b7b49000-b7b4c000 r-xp 00000000 08:03 16370633   /lib/libuuid.so.1.3.0
b7b4c000-b7b4d000 r--p 00002000 08:03 16370633   /lib/libuuid.so.1.3.0
b7b4d000-b7b4e000 rw-p 00003000 08:03 16370633   /lib/libuuid.so.1.3.0
b7b4e000-b7c9f000 r-xp 00000000 08:03 11887603   /lib/libc-2.10.1.so
b7c9f000-b7ca0000 ---p 00151000 08:03 11887603   /lib/libc-2.10.1.so
b7ca0000-b7ca2000 r--p 00151000 08:03 11887603   /lib/libc-2.10.1.so
b7ca2000-b7ca3000 rw-p 00153000 08:03 11887603   /lib/libc-2.10.1.so
b7ca3000-b7ca6000 rw-p 00000000 00:00 0 
b7ca6000-b7ccc000 r-xp 00000000 08:03 10698804   /lib/libm-2.10.1.so
b7ccc000-b7ccd000 r--p 00025000 08:03 10698804   /lib/libm-2.10.1.so
b7ccd000-b7cce000 rw-p 00026000 08:03 10698804   /lib/libm-2.10.1.so
b7cce000-b7df5000 r-xp 00000000 08:03 19825895   /usr/lib/libX11.so.6.2.0
b7df5000-b7df6000 r--p 00126000 08:03 19825895   /usr/lib/libX11.so.6.2.0
b7df6000-b7df9000 rw-p 00127000 08:03 19825895   /usr/lib/libX11.so.6.2.0
b7df9000-b7e08000 r-xp 00000000 08:03 19811011   /usr/lib/libXext.so.6.4.0
b7e08000-b7e09000 r--p 0000e000 08:03 19811011   /usr/lib/libXext.so.6.4.0
b7e09000-b7e0a000 rw-p 0000f000 08:03 19811011   /usr/lib/libXext.so.6.4.0
b7e0a000-b7e0b000 rw-p 00000000 00:0Aborted (core dumped)

Comment 1 Martin Mokrejš 2009-10-16 21:28:22 UTC

Created attachment 207361 [details]
xfig-crash.txt

Comment 2 Martin Mokrejš 2009-10-16 21:28:34 UTC

$ emerge --info
Portage 2.1.7.1 (default/linux/x86/2008.0/desktop, gcc-4.4.1, glibc-2.10.1-r0, 2.6.30.6 i686)
=================================================================
System uname: Linux-2.6.30.6-i686-Mobile_Intel-R-_Pentium-R-_4_-_M_CPU_1.80GHz-with-gentoo-2.0.1
Timestamp of tree: Thu, 15 Oct 2009 10:15:01 +0000
distcc 3.1 i686-pc-linux-gnu [disabled]
app-shells/bash:     4.0_p33
dev-java/java-config: 1.3.7-r1, 2.1.9-r1
dev-lang/python:     2.5.4-r3, 2.6.3, 3.1.1-r1
dev-python/pycrypto: 2.0.1-r8
dev-util/cmake:      2.6.4-r2
sys-apps/baselayout: 2.0.1
sys-apps/openrc:     0.4.3-r4
sys-apps/sandbox:    2.1
sys-devel/autoconf:  2.13, 2.63-r1
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.2, 1.11
sys-devel/binutils:  2.19.1-r1
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.6a
virtual/os-headers:  2.6.30-r1
ACCEPT_KEYWORDS="x86 ~x86"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=pentium4 -mmmx -msse -msse2 -pipe -fno-strict-aliasing -ggdb"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/X11/xkb /var/bind /var/lib/hsqldb /var/qmail/alias /var/qmail/control /var/vpopmail/etc"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c /etc/udev/rules.d"
CXXFLAGS="-O2 -march=pentium4 -mmmx -msse -msse2 -pipe -fno-strict-aliasing -ggdb"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests distlocks fixpackages metadata-transfer news nostrip parallel-fetch protect-owned sandbox sfperms splitdebug strict unmerge-logs unmerge-orphans userfetch"
GENTOO_MIRRORS="http://gentoo.mirror.web4u.cz"
LDFLAGS="-Wl,-O1"
LINGUAS="en cs cz"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage/layman/science /usr/local/portage/layman/sunrise /usr/local/portage"
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE="7zip R X Xaw3d a52 aac aalib ace acl acpi alsa amr amrnb amrwb apache audacious audiofile bash-completion bcmath berkdb blas bluetooth boost branding bzip2 cairo caps cblas cddb cdparanoia cdr clamav cli colordiff compress consolekit cpio cracklib crypt cscope css ctype cups curl curlwrappers cxx dbi dbus dga dia directfb djbfft dri dts dv dvb dvd dvdr dvdread eds emacs emboss emf enblend encode enscript exif expat faad fam fame fat fbcon ffmpeg fftw firefox flac flash foomaticdb fortran fpx ftp gcj gd gdbm ggi gif gimp gimpprint glibc-compat20 glibc-omitfp glut gmp gnuplot gnutls gpgme gphoto2 gpm graphviz gs gsl gsm gstreamer gtk gtkhtml hal hdf hdf5 hp2xx i8x0 icc iconv icu id3 ieee1394 ifc imagemagick imlib inifile innodb isdnlog ithreads jack java javascript jbig jce jikes jpeg jpeg2k kdtree kerberos lame lapack laptop lcms leim libcaca libedit libnotify libwww live lzo lzw mad maildir matroska mhash mikmod mime ming mjpeg mmap mmx mng mod_python modperl modplug modules motif mozilla moznoirc mp2 mp3 mp4 mpeg mpi mpi_njtree mpich2 mplayer mudflap mule musepack mxdatetime mysql mysqli ncurses netcdf netpbm network nls nntp nptl nptlonly nsplugin ntfs numeric ogg opengl openmp openssl pam pango pcmcia pcntl pcre pdf perl plotutils plugin png pnm postproc postscript ppds pppd procmail pymol python qt3 qt3support qt4 quicktime rar raw readline recode reflection reiserfs rpm samba sasl scanner scp seamonkey server session sftp sift slp smime sndfile soap sockets spell spl sqlite srt sse sse2 ssl startup-notification subtitles subversion svg svgz sysfs sysvipc t1lib tcl tcpd tetex theora threads thunar tidy tiff tk transcode truetype unicode urandom usb userlocales utils uuencode v4l v4l2 vcd vhook vim-syntax vim-with-x vorbis wifi win32codecs wmf wxwindows x264 x86 xanim xcf xfs xft xinerama xinetd xml xorg xpm xsl xslt xulrunner xv xvid xvmc yv12 zip zlib" ALSA_CARDS="intel-8x0m" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config mem_cache mime mime_magic rewrite setenvif speling status unique_id userdir usertrack vhost_alias negotiation" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en cs cz" USERLAND="GNU" VIDEO_CARDS="radeon vesa" 
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, MAKEOPTS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

Comment 3 Martin Mokrejš 2009-10-16 22:43:48 UTC

Created attachment 207369 [details]
testcase.xfig

Open the file, pres 'z' to zoom-out stepwise. Press the 'z' button maybe 10x and it will crash on a tiny zoom.

Comment 4 peyser.alex 2009-10-30 22:30:32 UTC

Created attachment 208810 [details, diff]
fixes the zoom overflow

Found it on the equivalent bug report from Ubuntu. I just fixed the header for the diff. Tested and it solves the problem.

Comment 5 peyser.alex 2009-10-30 22:31:53 UTC

(In reply to comment #4)
> Created an attachment (id=208810) [details]
> fixes the zoom overflow
> 
> Found it on the equivalent bug report from Ubuntu. I just fixed the header for
> the diff. Tested and it solves the problem.
> 

Of course for the ebuild, you need to add an epatch line:
--- xfig-3.2.5-r3.ebuild.old	2009-04-05 04:08:24.000000000 -0400
+++ xfig-3.2.5-r3.ebuild	2009-10-30 18:22:11.000000000 -0400
@@ -33,6 +33,7 @@
 src_unpack() {
 	unpack ${A}
 	cd "${S}"
+	epatch "${FILESDIR}"/${P}-rulers-overflow.patch
 
 	# We do not have nescape. Let's use firefox instead...
 	sed -i "s+netscape+firefox+g" Fig.ad

Comment 6 Peter Volkov (RETIRED) gentoo-dev

2010-01-13 10:59:26 UTC

Thank you for report guys. This problem should be fixed in xfig.3.2.5b, I'll bump very shortly.

Comment 7 Peter Volkov (RETIRED) gentoo-dev

2010-01-14 20:39:50 UTC

This bug was fixed upstream in 3.2.5b version. 3.2.5b was just bumped and this bug is fixed. Although we did not used this patch, thank you for report since it allows us to track what problems users experience and handle them somehow.