GNOME Bugzilla – Bug 359145
crash on listing a directory with symlink named like a year
Last modified: 2009-05-25 23:19:54 UTC
[pterjan@plop ~]$ gdb gnomevfs-ls
GNU gdb 6.3-8mdv2007.0 (Mandriva Linux release 2007.0)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i586-mandriva-linux-gnu"...
warning: the debug information found in "/usr/lib/debug//usr/bin/gnomevfs-ls.debug" does not match "/usr/bin/gnomevfs-ls" (CRC mismatch).
(no debugging symbols found)
Using host libthread_db library "/lib/i686/libthread_db.so.1".
(gdb) run ftp://distrib-coffee.ipsl.jussieu.fr/pub/linux/MandrivaLinux/devel/
Starting program: /usr/bin/gnomevfs-ls ftp://distrib-coffee.ipsl.jussieu.fr/pub/linux/MandrivaLinux/devel/
Reading symbols from shared object read from target memory...(no debugging symbols found)...done.
Loaded system supplied DSO at 0xbfffe000
warning: the debug information found in "/usr/lib/debug//lib/libdbus-1.so.3.0.0.debug" does not match "/lib/libdbus-1.so.3" (CRC mismatch).
[Thread debugging using libthread_db enabled]
[New Thread -1215732032 (LWP 4672)]
warning: the debug information found in "/usr/lib/debug//usr/lib/gnome-vfs-2.0/modules/libftp.so.debug" does not match "/usr/lib/gnome-vfs-2.0/modules/libftp.so" (CRC mismatch).
You must log in to access distrib-coffee.ipsl.jussieu.fr
Login anonymously?
1 Yes
2 No
1
. (Directory, x-directory/normal) size 148
.. (Directory, x-directory/normal) size 56
10.0 (Directory, x-directory/normal) size 69
10.1 (Directory, x-directory/normal) size 39
10.2 (Directory, x-directory/normal) size 52
(gnomevfs-ls:4672): libgnomevfs-CRITICAL **: gnome_vfs_uri_resolve_relative: assertion `relative_reference != NULL' failed
(gnomevfs-ls:4672): libgnomevfs-CRITICAL **: gnome_vfs_uri_get_host_name: assertion `uri != NULL' failed
Program received signal SIGSEGV, Segmentation fault.
+ Trace 74169
The directory listing:
227 Entering Passive Mode (134,157,176,20,255,149)
150 Here comes the directory listing.
drwxr-xr-x 6 500 500 69 Jun 03 2004 10.0
drwxr-xr-x 5 500 500 39 Nov 09 2004 10.1
drwxr-xr-x 6 500 500 52 Apr 11 2005 10.2
lrwxrwxrwx 1 500 500 4 Sep 19 12:37 2005 -> 10.2
drwxr-xr-x 5 500 500 42 Jul 15 2005 2006.0
drwxr-xr-x 5 500 500 42 Sep 22 13:21 2007.0
lrwxrwxrwx 1 500 500 7 Sep 19 12:37 community -> 2006.0/
drwxr-xr-x 10 500 500 126 Aug 07 20:49 cooker
drwxr-xr-x 10 500 500 152 Aug 30 17:18 iso
drwxr-xr-x 3 500 500 19 Feb 25 2006 system_image
drwxr-xr-x 8 500 500 101 Jul 15 2005 testing
226 Directory send OK.

I could reproduce locally on my server with a link named 2005. The crash occurs both with a symlink to a directory and to a normal file. Given the warnings, I guess the 2005 part is removed and we end up with an empty string.
With correct debug info:
(gdb) bt
+ Trace 74173
Apart from fixing the "begins with a date" bug, some tests could be added to avoid crashing:

Checking the result of gnome_vfs_parse_ls_lga in unix_ls_to_file_info might help, but it looks like the return code is not checked before using the filled struct in do_read_directory.

Checking file_info->valid_fields & GNOME_VFS_FILE_INFO_FIELDS_SYMLINK_NAME even if file_info->type == GNOME_VFS_FILE_TYPE_SYMBOLIC_LINK could be nice (or even check that symlink_info->symlink_name is not NULL before using it).

The one that will avoid this exact crash, but in fact comes from errors earlier: check if link_uri is NULL before giving it to strcmp.
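The checks proposed in the comment above, as an added example that is not gnome-vfs code and not the attached patch: a small LIST-line parser that consumes exactly one time-or-year field, so a name such as 2005 survives, and that reports an error instead of handing back an empty name or a link without a target. The struct, the function names and the fixed eight-field layout are assumptions made for this sketch.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical result type for this example; not a gnome-vfs structure. */
struct ls_entry {
    char type;         /* first character of the mode string: 'd', 'l', '-' */
    char name[256];
    char target[256];  /* filled only for symlinks */
};
/* Step over one space-delimited field; NULL if the line ends first. */
static const char *skip_field(const char *p)
{
    while (*p == ' ') p++;
    if (*p == '\0') return NULL;
    while (*p != '\0' && *p != ' ') p++;
    return p;
}

/* Returns 0 on success, -1 on a malformed line; *out is usable only on 0. */
int parse_list_line(const char *line, struct ls_entry *out)
{
    const char *p = line, *arrow;
    size_t n;
    if (line == NULL || out == NULL || *line == '\0') return -1;
    memset(out, 0, sizeof *out);
    out->type = line[0];
    /* 7 fixed fields, then ONE time-or-year field; the rest is the name. */
    for (int i = 0; i < 8; i++)
        if ((p = skip_field(p)) == NULL) return -1;
    while (*p == ' ') p++;
    arrow = (out->type == 'l') ? strstr(p, " -> ") : NULL;
    n = arrow ? (size_t)(arrow - p) : strlen(p);
    if (n == 0 || n >= sizeof out->name) return -1;  /* empty or oversized name */
    memcpy(out->name, p, n);
    if (out->type == 'l') {                          /* a link must carry a target */
        if (arrow == NULL || arrow[4] == '\0' || strlen(arrow + 4) >= sizeof out->target)
            return -1;
        strcpy(out->target, arrow + 4);
    }
    return 0;
}

int main(void)
{
    struct ls_entry e;  /* constructed line, modelled on the listing in the report */
    if (parse_list_line("lrwxrwxrwx 1 500 500 4 Sep 19 12:37 2005 -> 10.2", &e) != 0)
        return 1;       /* caller checks the return code before touching e */
    printf("%s -> %s\n", e.name, e.target);
    return 0;
}
```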
Created attachment 77043
Patch avoiding the crash but not fixing the issue

It no longer crashes because 2007.0 is now a link so its arrow is used. I can however still reproduce on a directory containing only a 2005 symlink. Here is a patch avoiding the crash here but I'm not sure the error is the right one and maybe some apps will react badly with this invalid symlink ("-> the target" is the name and there is no target)
Bug 350052, bug 359145, bug 361017 and bug 367521 describe incorrect behaviour or crashes relating to filenames, directories or symlinks starting with a year. Bug 359145 and bug 367521 have extensive analysis and bug 359145 also contains a patch. Can we make sure these are not caused by the same issue and have the patch looked at?
Can you still reproduce this with a version of gnome-vfs that contains the patch from bug 350052?
It works fine now, as the name is no longer empty.
*** Bug 582746 has been marked as a duplicate of this bug. ***