Bug 727447 - SIGSEGV in gvfs-tree
Status: RESOLVED FIXED
Product: gvfs
Classification: Core
Component: general
Version: 1.20.x
Hardware/OS: Other / OpenBSD
Importance: Normal critical
Target Milestone: ---
Assigned To: gvfs-maint
QA Contact: gvfs-maint
Depends on:
Blocks:
Reported: 2014-04-01 16:51 UTC by Antoine Jacoutot
Modified: 2014-04-02 06:22 UTC
See Also:
GNOME target: ---
GNOME version: ---


Attachments
gvfs-tree: End GOptionEntry array with NULL (869 bytes, patch) - 2014-04-01 22:25 UTC, Ross Lagerwall - committed

Description Antoine Jacoutot 2014-04-01 16:51:07 UTC
Hi.

I have a reproducible segfault with gvfs-tree on OpenBSD.

(gdb) run
Starting program: /usr/local/bin/gvfs-tree 

Program received signal SIGSEGV, Segmentation fault.
0x000012079622da42 in strlen (str=0x14 <Address 0x14 out of bounds>)
    at /usr/src/lib/libc/string/strlen.c:43
43              for (s = str; *s; ++s)
(gdb) bt
#0  strlen at /usr/src/lib/libc/string/strlen.c line 43
#1  __vfprintf
#2  vasprintf
#3  g_vasprintf
#4  g_strdup_vprintf
#5  g_logv
#6  g_log
#7  g_option_group_add_entries at goption.c line 2251
#8  g_option_context_add_main_entries at goption.c line 598
#9  main at gvfs-tree.c line 251

Comment 1 Ross Lagerwall 2014-04-01 22:25:07 UTC
Created attachment 273436
gvfs-tree: End GOptionEntry array with NULL

Prevent a segfault (revealed on OpenBSD) by null-terminating the
GOptionEntry array.
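To show why the missing sentinel matters, here is an added example (not gvfs code, and not GLib's real type): a constructed stand-in for GOptionEntry, the same walk-to-NULL scan that g_option_group_add_entries performs, and a bounded check a caller can run with the real element count before passing the array to the parser. The option names are constructed samples, not gvfs-tree's actual options.

```c
#include <stddef.h>
#include <stdio.h>
#define N_ELEMS(a) (sizeof(a) / sizeof((a)[0]))

/* Constructed stand-in for GLib's GOptionEntry (not GLib's real type). */
typedef struct {
    const char *long_name;    /* NULL marks the end of the array */
    char        short_name;
    const char *description;
} OptionEntry;

/* Walk the array the way the option parser does: stop at the first
 * entry whose long_name is NULL. Without a sentinel this keeps reading
 * whatever lies after the array, which is the crash on this page. */
static size_t count_entries(const OptionEntry *entries)
{
    size_t n = 0;
    while (entries[n].long_name != NULL)
        n++;
    return n;
}

/* Bounded check a caller can run with the real element count before
 * handing the array to the parser: is the last element the sentinel? */
static int is_terminated(const OptionEntry *entries, size_t n_elems)
{
    return n_elems > 0 && entries[n_elems - 1].long_name == NULL;
}

/* Constructed sample options, not gvfs-tree's real ones. The first
 * array reproduces the bug: no trailing { NULL } entry. */
static const OptionEntry unterminated[] = {
    { "verbose", 'v', "Print more output" },
    { "follow",  'f', "Follow symbolic links" },
};

static const OptionEntry terminated[] = {
    { "verbose", 'v', "Print more output" },
    { "follow",  'f', "Follow symbolic links" },
    { NULL, 0, NULL },    /* the sentinel the patch adds */
};

int main(void)
{
    /* Only walk an array once the bounded check has passed. */
    if (!is_terminated(unterminated, N_ELEMS(unterminated)))
        printf("unterminated[]: missing NULL sentinel, refusing to walk it\n");
    if (is_terminated(terminated, N_ELEMS(terminated)))
        printf("terminated[]: %zu options\n", count_entries(terminated));
    return 0;
}
```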
Comment 2 Ross Lagerwall 2014-04-01 22:25:57 UTC
Does that fix the issue? Interesting that it doesn't seem to segfault on Linux.
Comment 3 Allison Karlitskaya (desrt) 2014-04-02 03:48:43 UTC
Review of attachment 273436:

I was just about to submit this same patch.  I should press 'reload' first :)

This is obviously correct.
Comment 4 Antoine Jacoutot 2014-04-02 06:13:20 UTC
(In reply to comment #2)
> Does that fix the issue? Interesting that it doesn't seem to segfault on Linux.

Yup this works like a charm :-)
No idea why Linux does not segfault in this situation but OpenBSD is really not permissive about that kind of stuff.

Thanks!
Comment 5 Ross Lagerwall 2014-04-02 06:22:01 UTC
Pushed to master as 1d944bcd1fcd1e4a8afb26758c98fa3b72786798. Thanks!