Mail Archives: cygwin/2014/02/18/04:05:52

Date: Tue, 18 Feb 2014 10:05:24 +0100
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: Patch for run-1.3.0-1 core dump
Message-ID: <20140218090524.GC2246@calimero.vinschen.de>


Hi Jon,
Hi Chuck,

On Feb 17 17:25, Jon TURNEY wrote:
> On 12/08/2013 15:22, Charles Wilson wrote:
> > On 8/10/2013 1:34 PM, foo wrote:
> >> Whenever I execute run.exe, it generates run.exe.stackdump.
> >>
> >> At line 370 in run.c, run2_freeargv() tries to free newargv, and
> >> run2_freeargv() expects that newargv is terminated by NULL. However,
> >> in shifting newargv at line 253-256, it fails to shift NULL
> >> terminator. Therefore, run2_freeargv() frees memory illegally.
> >> The following patch is a workaround.
> >>
> >> --- run.c.old
> >> +++ run.c.new
> >> @@ -252,7 +252,7 @@
> >>         newargv =3D run2_dupargv (argv);
> >>         /* discard newargv[0] and shift up */
> >>         free (newargv[0]);
> >> -      for (newargc =3D 1; newargc < argc; newargc++)
> >> +      for (newargc =3D 1; newargv[newargc-1] !=3D NULL; newargc++)
> >>            newargv[newargc-1] =3D newargv[newargc];
> >>         newargc =3D argc - 1;
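
Review bot: the new loop condition, newargv[newargc-1] != NULL, tests the slot that the loop body is about to overwrite, and on the first pass that slot is newargv[0], which was handed to free() on the line above. The loop terminates only because each slot still holds its old value at the moment it is tested, which is hard to see at a glance. Keeping the counted loop and letting it run one step further, for (newargc = 1; newargc <= argc; newargc++), copies the terminator at newargv[argc] as well, assuming run2_dupargv() returns argc + 1 slots ending in NULL as the report describes.
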
> >
> > Thanks for the bug report and the patch. I'll investigate and update the
> > package soon.
>
> Since I've been running with CYGWIN error_start always set at the moment, I've
> noticed that run is always crashing after launching the process.
>
> I went to all the trouble of investigating this, discovering that
> run2_freeargv() is double-freeing the last element in newargv because the NULL
> terminator isn't moved when the arguments are shifted down over newargv[0],
> and writing a patch, before I noticed that we already had one :-(
>
> --- origsrc/run-1.3.0/src/run.c 2013-07-24 16:26:39.000000000 +0100
> +++ src/run-1.3.0/src/run.c     2014-02-17 17:08:49.125000000 +0000
> @@ -254,6 +254,7 @@ realMain(int argc, char* argv[])
>        free (newargv[0]);
>        for (newargc =3D 1; newargc < argc; newargc++)
>           newargv[newargc-1] =3D newargv[newargc];
> +      newargv[argc-1] =3D 0;
>        newargc =3D argc - 1;
>=20
>        /* update execname */
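
Review bot: the added store, newargv[argc-1] = 0, is correct only if the array returned by run2_dupargv() holds exactly argc strings, which nothing in this hunk checks or documents. A one-line comment saying that the loop above leaves a duplicate of the last pointer in that slot would explain why the store is needed. Write NULL rather than 0 for the pointer, matching the NULL comparison used in the earlier patch in this thread.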

There's still something wrong.  I built run with this patch locally,
and it seems to fix the issue at first sight.  However, after the
child process of run exits, run throws an exception in free(), and
the stack looks broken (on 64 bit).  It seems there is a double free
or a free of an entirely unrelated address.


Corinna

--
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat
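
The terminator problem discussed in this thread, reduced to a stand-alone C program (an added example, not part of the original message and not run's source). dup_argv, shift_argv, count_double_frees and demo are hypothetical names and the argv contents are constructed; instead of freeing twice, it counts the pointers that a walk to NULL would free a second time.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for run2_dupargv(): deep copy, NULL-terminated. */
static char **dup_argv(int argc, char *const argv[])
{
    char **copy = calloc((size_t)argc + 1, sizeof *copy);
    for (int i = 0; copy != NULL && i < argc; i++) {
        size_t n = strlen(argv[i]) + 1;
        if ((copy[i] = malloc(n)) == NULL) abort(); /* keep the sketch short */
        memcpy(copy[i], argv[i], n);
    }
    return copy;
}

/* Drop v[0] and shift down. move_terminator == 0 uses the loop bound quoted
   from run.c (i < argc); 1 also copies the NULL stored at v[argc]. */
static void shift_argv(char **v, int argc, int move_terminator)
{
    int last = move_terminator ? argc : argc - 1;
    free(v[0]);
    for (int i = 1; i <= last; i++)
        v[i - 1] = v[i];
}

/* Walk to NULL as a freeargv-style routine would; count repeated pointers. */
static int count_double_frees(char **v)
{
    int dups = 0;
    for (int i = 0; v[i] != NULL; i++)
        for (int j = 0; j < i; j++)
            if (v[j] == v[i]) { dups++; break; }
    return dups;
}

static int demo(int move_terminator)
{
    char *const argv[] = { "run", "notepad", "file.txt" }; /* constructed */
    int argc = 3, dups;
    char **v = dup_argv(argc, argv);
    if (v == NULL) return -1;
    shift_argv(v, argc, move_terminator);
    dups = count_double_frees(v);
    for (int i = 0; i < argc - 1; i++) free(v[i]); /* each live string once */
    free(v);
    return dups;
}
int main(void) { printf("%d %d\n", demo(0), demo(1)); return 0; }
```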
