Package: autolog
Severity: normal

Hi,

I could get a segfault by simply running './autolog -d -o', even by running
'./autolog -d -o -n' which does not even try to kill processes...
So I don't know if this is the same case as the original submitter as I 
didn't have to wait for any warning before getting the segfault.

Anyway, you will find a patch that fixes the one I found.

About the bug:

Basically it parses (using strtok by the way) the output of a ps command line
by line. The line buffer has a size of 256 bytes so if the output line of ps
is longer than that, it gets parsed as the next line and it will of course not
parse correctly.

For some reason, when run from gdb, the ps command limits its output to 80
chars as if ps was run in a terminal, so it does not segfault ;)

The patch simply reads the line until it finds the ending \n so that the parser
will not segfault. (by the way as the config file allows changing the ps
command, the parser should probably be written in a safer way...)

Regards,

Julien Vdg

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -au autolog-0.40.orig/autolog.c autolog-0.40/autolog.c
--- autolog-0.40.orig/autolog.c	2010-10-29 16:15:11.000000000 +0200
+++ autolog-0.40/autolog.c	2010-10-29 16:14:27.000000000 +0200
@@ -1082,6 +1082,18 @@
 		}
 	    }
 	}
+	/* Read to the end of line to avoid parsing the rest of the command
+	 * line in next round and getting a segfault as ps_pid will be null!!
+	 */
+	i=strlen(iline);
+	while(iline[i-1] != '\n'){
+	    if(!fgets(iline, LINELEN, ps)) {
+	      /* end of file, exit*/
+	      fclose(ps);
+	      return;
+	    }
+	    i=strlen(iline);
+	}
     }
     fclose(ps);
 }
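Review bot: the added loop condition iline[i-1] != '\n' is evaluated without checking that i is non-zero, so if fgets ever returns a buffer whose first byte is NUL, strlen(iline) is 0 and the test reads iline[-1]; use while (i > 0 && iline[i-1] != '\n') instead. Two related points: if the strtok parsing earlier in this loop tokenises iline in place, strlen(iline) here only measures the first token, so the newline check should be taken right after the original fgets and before tokenising, otherwise this loop can swallow the following line. And since the comment names a null ps_pid as the cause of the crash, a NULL check where ps_pid is used would also cover short or malformed lines, which draining to end of line does not address.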
Les sous-répertoires autolog-0.40.orig/debian et autolog-0.40/debian sont identiques.
Les sous-répertoires autolog-0.40.orig/.pc et autolog-0.40/.pc sont identiques.
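
The failure this report describes (a ps line longer than the 256-byte buffer being split, and the parser then using a field that is not there), as an added example that is not part of the original report or of autolog's code. The "user pid command" layout, the function names and the sample input are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define LINELEN 256  /* buffer size quoted in the report */

/* Read one logical line; an over-long line keeps its first len-1 bytes and the
 * rest is dropped up to '\n'. Returns 0 at EOF, 1 complete, 2 truncated. */
static int read_line(FILE *fp, char *buf, size_t len)
{
    int c, truncated = 0;
    size_t n;
    if (!fgets(buf, (int)len, fp)) return 0;
    n = strlen(buf);
    if (n > 0 && buf[n - 1] == '\n') {
        buf[n - 1] = '\0';
        return 1;
    }
    while ((c = fgetc(fp)) != EOF && c != '\n')
        truncated = 1;   /* bytes beyond the buffer: discard, never parse */
    return truncated ? 2 : 1;
}

/* Assumed layout (not from the report): "<user> <pid> <command...>".
 * Returns 0 and stores the pid, -1 if a field is missing or not numeric. */
static int parse_pid(char *line, long *pid)
{
    char *end, *user = strtok(line, " \t");
    char *pidstr = user ? strtok(NULL, " \t") : NULL;
    if (!pidstr) return -1;          /* short line: reject, do not crash */
    *pid = strtol(pidstr, &end, 10);
    return (*end == '\0' && *pid > 0) ? 0 : -1;
}

/* Driver for constructed ps-like text: returns how many lines yielded a pid. */
int scan(const char *text, int *truncated, int *rejected)
{
    char line[LINELEN];
    long pid;
    int ok = 0, r;
    FILE *fp = tmpfile();
    *truncated = *rejected = 0;
    if (!fp) return -1;
    fputs(text, fp);
    rewind(fp);
    while ((r = read_line(fp, line, sizeof line)) != 0) {
        *truncated += (r == 2);
        if (parse_pid(line, &pid) == 0) ok++; else ++*rejected;
    }
    fclose(fp);
    return ok;
}
```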
