[asterisk-bugs] [JIRA] (ASTERISK-22351) Segfault in LIBEDIT_INTERNAL after tgetstr()
Matt Jordan (JIRA)
noreply at issues.asterisk.org
Fri Aug 23 08:41:05 CDT 2013
[ https://issues.asterisk.org/jira/browse/ASTERISK-22351?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=209506#comment-209506 ]
Matt Jordan edited comment on ASTERISK-22351 at 8/23/13 8:41 AM:
-----------------------------------------------------------------
OK!!
{noformat}
Program received signal SIGSEGV, Segmentation fault.
0x0000000000577d7f in term_alloc (el=0x8517f0, t=0x5d8c80, cap=0xffffffffffffca60 <Address 0xffffffffffffca60 out of bounds>) at term.c:398
398 if (cap == NULL || *cap == '\0') {
(gdb) up
#1 0x00000000005796c2 in term_set (el=0x8517f0, term=0x7fffffffeea1 "xterm") at term.c:960
960 term_alloc(el, t, tgetstr((char *)t->name, &area));
(gdb) info locals
i = 1
buf = "\033[L\000ÿ\177\000\000\022", '\000' <repeats 15 times>, "\220Êÿÿÿ\177\000\000\"\226Y\000\000\000\000\000s\000\000\000\000\000\000\000¨Îÿÿÿ\177\000\000\000\000\000\000\000\000\000\000\nÒÿÿ", '\000' <repeats 68 times>, " Ëÿÿÿ\177\000\000ø\025\205", '\000' <repeats 13 times>, "ÿÿÿÿÿÿÿÿ\000\000\000\000ÿ\177\000\000\207Íÿÿ\000\000\000\000\a\000\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\000\000\000ÿ\177\000\000\001\200û", '\000' <repeats 12 times>, "ø\025\205", '\000' <repeats 13 times>, "ÿÿÿÿ\000\000\000\000\002\000\000\000\000\000\000\000°Îÿÿÿ\177\000\000<~E÷ÿ\177\000\000"...
area = 0x7fffffffca64 "ÿ\177"
t = 0x5d8c80
oset = {__val = {0, 0, 0, 0, 0, 140737342293606, 0, 0, 140737488341733, 140733193388032, 140737488342912, 2, 140737488343264, 140737488343248, 5,
140737488343616}}
nset = {__val = {134217728, 0 <repeats 15 times>}}
lins = 32767
cols = -12320
(gdb) print t
$1 = (const struct termcapstr *) 0x5d8c80
(gdb) print t->name
$2 = 0x5d8964 "al"
(gdb) print *t
$3 = {name = 0x5d8964 "al", long_name = 0x5d8967 "add new blank line"}
(gdb) print area
$4 = 0x7fffffffca64 "ÿ\177"
(gdb)
{noformat}
was (Author: arcanos):
> Segfault in LIBEDIT_INTERNAL after tgetstr()
> --------------------------------------------
>
> Key: ASTERISK-22351
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-22351
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Affects Versions: 1.8.23.0, 11.5.0
> Environment: HP Proliant DL320e G8
> Debian Wheezy (kernel 3.2.0-4-amd64)
> DAHDI 2.7.0 (no cards installed)
> Libpri 1.4.14
> Reporter: A. Iglesias
> Attachments: issueA22351_larger_buf_and_offset.patch, issueA22351_larger_buf.patch
>
>
> New installation in this server. After everything is installed and asterisk started, anytime I try to open an asterisk console with asterisk -vvvvvvvvvr I get a "Segmentation fault" and the console doesn't open, but asterisk keeps running. If I stop asterisk and try to start it with asterisk -vvvvvvc, it fails in the same way.
> I've been doing some research, and found a guy with the same problem in the past, related with the value of the TERM system variable. In my case it is "xterm", but if I change it to a nonexistent value ('lalalala' for example) then the console starts.
> Digging deeper, I've found that the problem is in main/editline/term.c, in line 960 when executing this:
> term_alloc(el, t, tgetstr((char *)t->name, &area));
> If I change this line with the one executed when TERM has an unknown value...
> term_alloc(el, t, NULL);
> ... and recompile, then console starts.
> The problem seems to be in the tgetstr function, because if I add a line just with this...
> tgetstr((char *)t->name, &area);
> ... I get the same error.
> I'll try to get core dump stuff, but maybe this info is enough at the moment to find a solution. I've been trying to find the problem/solution studying the code, but no luck yet.
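
A triage aid for the gdb values above, added here as an example and not code from the ticket or from Asterisk: it checks whether the crashing `cap` is the expected `tgetstr()` result with only its low 32 bits preserved and sign-extended. The helper names are hypothetical, and the suggested cause (a pointer returned through a 32-bit `int`, as happens when a function is called without a visible prototype on a 64-bit platform) is an assumption the ticket does not state.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* A 64-bit address after a round trip through a 32-bit signed int:
 * the low 32 bits survive, the high 32 bits become copies of bit 31. */
static uint64_t through_int(uint64_t addr)
{
    uint64_t low = addr & 0xffffffffULL;
    return (low & 0x80000000ULL) ? (low | 0xffffffff00000000ULL) : low;
}

/* tgetstr(id, &area) copies the capability string to *area, advances *area
 * past the terminating NUL and returns the start of the copy. Given the
 * value of area after the call, recover the pointer it should have returned. */
static uint64_t expected_cap(uint64_t area_after, const char *cap_str)
{
    return area_after - (strlen(cap_str) + 1);
}

enum verdict { CAP_OK, CAP_TRUNCATED, CAP_UNRELATED };

static enum verdict classify(uint64_t cap, uint64_t area_after, const char *cap_str)
{
    uint64_t want = expected_cap(area_after, cap_str);
    if (cap == want)
        return CAP_OK;
    if (cap == through_int(want))
        return CAP_TRUNCATED;   /* same low 32 bits, sign-extended high bits */
    return CAP_UNRELATED;
}

int main(void)
{
    /* Values copied from the gdb session in this ticket. */
    uint64_t cap  = 0xffffffffffffca60ULL;  /* term_alloc() argument */
    uint64_t area = 0x7fffffffca64ULL;      /* area after the first tgetstr() */
    const char *al = "\033[L";              /* "al" string at the start of buf */

    static const char *names[] = { "ok", "truncated to 32 bits", "unrelated" };
    printf("expected cap: 0x%llx\n", (unsigned long long)expected_cap(area, al));
    printf("observed cap: 0x%llx -> %s\n", (unsigned long long)cap,
           names[classify(cap, area, al)]);
    return 0;
}
```

When the verdict is "truncated", compiling the caller with `-Wimplicit-function-declaration` (or `-Werror=implicit-function-declaration`) shows whether the declaration of `tgetstr()` is missing at the call site.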