delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2014/02/17/12:25:30

X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:message-id:date:from:mime-version:to:subject
:references:in-reply-to:content-type:content-transfer-encoding;
q=dns; s=default; b=wbxfO+fEKxyFOOZKtHSqjfPqJu+xCUnTWmXfI4jvfFL
X3s/kEiwXJeE0DQrZHjAySMDvFWW003g9c7VUD1nlD4qnD59SUmMZqRisu8EGVUs
AlKGyaJ/yef5vnBT9LLP3P7SjghxcobrqLb2GnBYcGPB+T9VHw81rjfoDre+UdfQ
=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:message-id:date:from:mime-version:to:subject
:references:in-reply-to:content-type:content-transfer-encoding;
s=default; bh=fqJpGA8mHertYgt38CMH0Fr7BBo=; b=UjYbAiVQ5PoTkgskS
yJkexUQSFnWkmJL98+OzBvW6uQ1TcvrBBfgFU+0qbDEIgW3T5MNe5DlY+f0suQi+
HXGljWLwgsb6dinMEvY86kO+neoZuVzpKOlDgNmS1SCxYW0cnGVOAaBBNtv+QzyP
kOP6EvFkX/c2ifsAKPpIFSjbc8=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-1.1 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.2
X-HELO: smtpout06.bt.lon5.cpcloud.co.uk
X-CTCH-RefID: str=0001.0A090208.530245F5.0023,ss=1,re=0.000,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0
X-Junkmail-Premium-Raw: score=7/97,refid=2.7.2:2014.2.10.91215:17:7.944,ip=,rules=__MOZILLA_MSGID, __HAS_MSGID, __SANE_MSGID, __FW_1LN_BOT_MSGID, __HAS_FROM, __USER_AGENT, __MOZILLA_USER_AGENT, __MIME_VERSION, __TO_MALFORMED_2, __TO_NO_NAME, __BOUNCE_CHALLENGE_SUBJ, __BOUNCE_NDR_SUBJ_EXEMPT, __SUBJ_ALPHA_END, __IN_REP_TO, __CT, __CT_TEXT_PLAIN, __CTE, __ANY_URI, __URI_NO_MAILTO, __URI_NO_WWW, __URI_NO_PATH, __SUBJ_ALPHA_NEGATE, __FORWARDED_MSG, BODYTEXTP_SIZE_3000_LESS, BODY_SIZE_1800_1899, __MIME_TEXT_ONLY, HTML_00_01, HTML_00_10, BODY_SIZE_5000_LESS, BODY_SIZE_2000_LESS, BODY_SIZE_7000_LESS
X-CTCH-Spam: Unknown
Message-ID: <53024604.3080904@dronecode.org.uk>
Date: Mon, 17 Feb 2014 17:25:24 +0000
From: Jon TURNEY <jon DOT turney AT dronecode DOT org DOT uk>
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: cygwin AT cygwin DOT com
Subject: Re: Patch for run-1.3.0-1 core dump
References: <CAOJ7xCsuuhNmtz_ybGJoEeUAdWhJ1Y3+9d5mBtATH-F=VpkYGg AT mail DOT gmail DOT com> <5208EF91 DOT 7070504 AT cwilson DOT fastmail DOT fm>
In-Reply-To: <5208EF91.7070504@cwilson.fastmail.fm> 

On 12/08/2013 15:22, Charles Wilson wrote:
> On 8/10/2013 1:34 PM, foo wrote:
>> Whenever I execute run.exe, it generates run.exe.stackdump.
>>
>> At line 370 in run.c, run2_freeargv() tries to free newargv, and
>> run2_freeqrgv() expects that newargv is terminated by NULL. However,
>> in shifting newargv at line 253-256, it fails to shift NULL
>> terminator. Therefore, run2_freeargv() frees memory illegally.
>> The following patch is a workaround.
>>
>> --- run.c.old
>> +++ run.c.new
>> @@ -252,7 +252,7 @@
>>         newargv = run2_dupargv (argv);
>>         /* discard newargv[0] and shift up */
>>         free (newargv[0]);
>> -      for (newargc = 1; newargc < argc; newargc++)
>> +      for (newargc = 1; newargv[newargc-1] != NULL; newargc++)
>>            newargv[newargc-1] = newargv[newargc];
>>         newargc = argc - 1;
> 
> Thanks for the bug report and the patch. I'll investigate and update the
> package soon.

Since I've been running with CYGWIN error_start always set at the moment, I've
noticed that run is always crashing after launching the process.

I went to all the trouble of investigating this, discovering that
run2_freeargv() is double-freeing the last element in newargv because the NULL
terminator isn't moved when the arguments are shifted down over newargv[0],
and writing a patch, before I noticed that we already had one :-(

--- origsrc/run-1.3.0/src/run.c 2013-07-24 16:26:39.000000000 +0100
+++ src/run-1.3.0/src/run.c     2014-02-17 17:08:49.125000000 +0000
@@ -254,6 +254,7 @@ realMain(int argc, char* argv[])
       free (newargv[0]);
       for (newargc = 1; newargc < argc; newargc++)
          newargv[newargc-1] = newargv[newargc];
+      newargv[argc-1] = 0;
       newargc = argc - 1;

       /* update execname */



--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019