[asterisk-bugs] [JIRA] (ASTERISK-22351) Segfault in LIBEDIT_INTERNAL after tgetstr()

Matt Jordan (JIRA) noreply at issues.asterisk.org
Fri Aug 23 08:43:04 CDT 2013


    [ https://issues.asterisk.org/jira/browse/ASTERISK-22351?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=209513#comment-209513 ] 

Matt Jordan edited comment on ASTERISK-22351 at 8/23/13 8:41 AM:
-----------------------------------------------------------------

{noformat}
(gdb) print buf
$5 = "\220Ø\200\000\000\000\000\000ê1N\000\000\000\000\000\000\000\000\000\030\004\000\000+×[\000\000\000\000\000\220Ø\200\000\000\000\000\000Àã[\000\000\000\000\000\200¥ÿÿ\030\004\000\000´Õ[", '\000' <repeats 21 times>, "\200¥ÿÿÿ\177\000\000ÿ_N", '\000' <repeats 37 times>, "  == Par7YN\000\000\000\000\000tc/asterisk/aste  == Found\n", '\000' <repeats 21 times>, "\020\000\000\000\000\000\000\000@\023\205", '\000' <repeats 6573 times>, "ÖTH÷ÿ\177\000\000\220£ÿÿÿ\177\000\000\200£ÿÿÿ\177\000\000\f\000\000\000\000\000\000\000(¥ÿÿÿ"...

(gdb) print &buf
$6 = (char (*)[20480]) 0x7fffffff8260
{noformat}

cap is not created, because it is one of the term_alloc arguments, and I think term_alloc is not executed because the segfault is caused by the tgetstr call.



root at asterisk:/usr/src/asterisk-1.8.23.0# make -C main/editline

make: Entering directory `/usr/src/asterisk-1.8.23.0/main/editline'
gcc -c -fPIC -DPIC -pthread -I../..//include -I/usr/include/libxml2 -pipe -Wall -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -g3 -march=native '-D__RCSID(x)=' '-D__COPYRIGHT(x)=' '-D__RENAME(x)=' '-D_DIAGASSERT(x)=' -I. editline.c -o editline.o_s
In file included from editline.c:18:0:
term.c: In function 'term_move_to_line':
term.c:572:6: warning: implicit declaration of function 'tputs' [-Wimplicit-function-declaration]
term.c:572:6: warning: implicit declaration of function 'tgoto' [-Wimplicit-function-declaration]
term.c: In function 'term_set':
term.c:930:2: warning: implicit declaration of function 'tgetent' [-Wimplicit-function-declaration]
term.c:948:3: warning: implicit declaration of function 'tgetflag' [-Wimplicit-function-declaration]
term.c:957:3: warning: implicit declaration of function 'tgetnum' [-Wimplicit-function-declaration]
term.c:961:4: warning: implicit declaration of function 'tgetstr' [-Wimplicit-function-declaration]
term.c:961:4: warning: passing argument 3 of 'term_alloc' makes pointer from integer without a cast [enabled by default]
term.c:391:1: note: expected 'const char *' but argument is of type 'int'
term.c: In function 'term_echotc':
term.c:1459:8: warning: assignment makes pointer from integer without a cast [enabled by default]
gcc -shared -o libedit.so.2 editline.o_s np/fgetln.o_s np/vis.o_s np/unvis.o_s np/strlcpy.o_s np/strlcat.o_s history.o_s tokenizer.o_s readline.o_s -ltermcap

make: Leaving directory `/usr/src/asterisk-1.8.23.0/main/editline'


¿¿ Where is -D_FORTIFY_SOURCE=2 ??


> Segfault in LIBEDIT_INTERNAL after tgetstr()
> --------------------------------------------
>
>                 Key: ASTERISK-22351
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-22351
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>    Affects Versions: 1.8.23.0, 11.5.0
>         Environment: HP Proliant DL320e G8
> Debian Wheezy (kernel 3.2.0-4-amd64)
> DAHDI 2.7.0 (no cards installed)
> Libpri 1.4.14
>            Reporter: A. Iglesias
>         Attachments: issueA22351_larger_buf_and_offset.patch, issueA22351_larger_buf.patch
>
>
> New installation on this server. After everything is installed and asterisk started, any time I try to open an asterisk console with asterisk -vvvvvvvvvr I get a "Segmentation fault" and the console doesn't open, but asterisk keeps running. If I stop asterisk and try to start it with asterisk -vvvvvvc, it fails in the same way.
> I've been doing some research, and found a guy with the same problem in the past, related to the value of the TERM system variable. In my case it is "xterm", but if I change it to a non-existent value ('lalalala' for example) then the console starts.
> Digging deeper, I've found that the problem is in main/editline/term.c, in line 960 when executing this:
> term_alloc(el, t, tgetstr((char *)t->name, &area));
> If I change this line with the one executed when TERM has an unknown value...
> term_alloc(el, t, NULL);
> ... and recompile, then the console starts.
> The problem seems to be in the tgetstr function, because if I add a line just with this...
> tgetstr((char *)t->name, &area);
> ... I get the same error.
> I'll try to get core dump stuff, but maybe this info is enough for the moment to find a solution. I've been trying to find the problem/solution by studying the code, but no luck yet.
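The build log in the comment above pairs "implicit declaration of function 'tgetstr'" with "passing argument 3 of 'term_alloc' makes pointer from integer without a cast" at the very line that crashes. On an LP64 target such as the amd64 Debian box in the report, a function called without a prototype is assumed to return int, so the compiler keeps only the low 32 bits of the char * that tgetstr() actually returns and then sign-extends that int back to 64 bits when it is handed to term_alloc(). The following is an added example, not Asterisk or libedit code: it models that round trip on the stack address taken from the gdb output above plus two constructed addresses, and it flags which of the build log's implicit-declaration warnings involve a pointer-returning termcap function (tgetstr and tgoto return char *; tgetent, tgetflag, tgetnum and tputs return int). The warning text, address values and function names below are embedded as constructed sample input.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example (not Asterisk or libedit code).  Models what an LP64
 * build does with a char *-returning function that was never declared:
 * the caller believes it returns int, reads only the low 32 bits of the
 * returned pointer, and then sign-extends that int back to 64 bits when
 * it is passed where a pointer is expected.  The arithmetic is written
 * out explicitly so the model is deterministic and portable. */
static uint64_t implicit_int_roundtrip(uint64_t addr)
{
    uint64_t low32 = addr & 0xffffffffull;        /* caller reads only the low half */
    if (low32 & 0x80000000ull)                    /* int value is negative ...      */
        return 0xffffffff00000000ull | low32;     /* ... so int->pointer sign-extends */
    return low32;
}

/* 1 if a pointer with this value survives the round trip, 0 if mangled. */
static int pointer_survives_implicit_int(uint64_t addr)
{
    return implicit_int_roundtrip(addr) == addr;
}

/* termcap functions that return char *; an implicit declaration of one
 * of these truncates a pointer.  tgetent/tgetflag/tgetnum/tputs return
 * int, so their implicit declarations are sloppy but not truncating. */
static const char *const pointer_returning_termcap[] = { "tgetstr", "tgoto" };

/* 1 if a gcc warning line reports an implicit declaration of a
 * pointer-returning termcap function, 0 otherwise. */
static int is_truncating_implicit_decl(const char *warning_line)
{
    static const char needle[] = "implicit declaration of function '";
    const char *p = strstr(warning_line, needle);
    size_t i;

    if (p == NULL)
        return 0;
    p += sizeof(needle) - 1;
    for (i = 0; i < sizeof(pointer_returning_termcap) / sizeof(pointer_returning_termcap[0]); i++) {
        const char *name = pointer_returning_termcap[i];
        size_t n = strlen(name);
        if (strncmp(p, name, n) == 0 && p[n] == '\'')
            return 1;
    }
    return 0;
}

int main(void)
{
    /* 0x7fffffff8260 is &buf from the gdb session in the comment; the
     * other two are constructed, typical LP64 user-space addresses. */
    const uint64_t addrs[] = { 0x7fffffff8260ull, 0x7ffff7a3c000ull, 0x00000000006012a0ull };
    /* Constructed copies of two warning lines from the build log. */
    const char *lines[] = {
        "term.c:961:4: warning: implicit declaration of function 'tgetstr' [-Wimplicit-function-declaration]",
        "term.c:930:2: warning: implicit declaration of function 'tgetent' [-Wimplicit-function-declaration]",
    };
    size_t i;

    for (i = 0; i < sizeof(addrs) / sizeof(addrs[0]); i++)
        printf("%#018llx -> %#018llx (%s)\n",
               (unsigned long long)addrs[i],
               (unsigned long long)implicit_int_roundtrip(addrs[i]),
               pointer_survives_implicit_int(addrs[i]) ? "intact" : "mangled");

    for (i = 0; i < sizeof(lines) / sizeof(lines[0]); i++)
        printf("%s: %s\n", is_truncating_implicit_decl(lines[i]) ? "TRUNCATING" : "benign", lines[i]);
    return 0;
}
```

Addresses below 2 GiB (a low data segment, a small brk heap, or anything on a 32-bit build) come back intact, which is why this class of bug often only surfaces on 64-bit hosts and only for pointers into the stack or mmap'd regions; the same program shows the stack buffer from the gdb output turning into 0xffffffffffff8260. The check a practitioner wants is to build with -Werror=implicit-function-declaration so the missing prototype fails the build instead of becoming a runtime segfault.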

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.asterisk.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira



More information about the asterisk-bugs mailing list