Bug#581916: marked as done (sip-tester: segfault with invalid XML)

Debian Bug Tracking System Sat, 03 Jul 2010 20:15:25 -0700

Your message dated Sun, 04 Jul 2010 11:10:58 +0800
with message-id <1278213058.4215.9.ca...@chianamo>
and subject line Debian: sip-tester: fixed in 1:3.1-3
has caused the Debian Bug report #581916,
regarding sip-tester: segfault with invalid XML
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
581916: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=581916
Debian Bug Tracking System
Contact [email protected] with problems

--- Begin Message ---

Package: sip-tester
Version: 3.1.r590-1
Severity: normal

I was preparing some scenario files and made an XML syntax error. As a
result I discovered this SIGSEGV with an invalid XML tag:

p...@chianamo:~$ cat segfault.xml
<?xml version="1.0" encoding="ISO-8859-1" ?>
<!DOCTYPE scenario SYSTEM "sipp.dtd">

<scenario name="">
<recvCmd>
<action
</action>
</recvCmd>
</scenario>
p...@chianamo:~$ gdb --args sipp -sf segfault.xml
GNU gdb (GDB) 7.0.1-debian
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/sipp...done.
(gdb) r
Starting program: /usr/bin/sipp -sf segfault.xml
[Thread debugging using libthread_db enabled]

Program received signal SIGSEGV, Segmentation fault.
0x000000000040ace4 in xp_open_element (index=0) at xp_parser.c:214
214     xp_parser.c: No such file or directory.
        in xp_parser.c
Current language:  auto
The current source language is "auto; currently c".
(gdb) thread apply all bt full

Thread 1 (Thread 0x7ffff7fd3710 (LWP 4586)):
#0  0x000000000040ace4 in xp_open_element (index=0) at xp_parser.c:214
        ptr = 0x1 <Address 0x1 out of bounds>
        level = 2
        name = "recvCmd", '\000' <repeats 248 times>
#1  0x00000000004162eb in scenario (this=0x8206b0, filename=0x7fffffffe5e0 
"segfault.xml", deflt=0) at scenario.cpp:689
        scenario_file_cursor = 1
        peer = 0x7ffff679fec8 "\270\376y\366\377\177"
        label_it = {_M_node = 0x7ffff6460548}
        elem = 0x6b3c80 "recvCmd"
        method_list = 0x0
        L_content_length = 0
#2  0x000000000043c47f in main (argc=3, argv=0x7fffffffe308) at sipp.cpp:4476
        option = 0x6931f0
        pass = 2
        media_sockaddr = {ss_family = 57456, __ss_align = 140737488347272, 
          __ss_padding = 
"8\351G\367\001\000\000\000\356+F\366\377\177\000\000\000\000\000\000\000\000\000\000\035DQ\366\377\177\000\000\000\000\000\000\000\000\000\000`\376y\366\377\177\000\000\270\376y\366\377\177\000\000\tyL\366\377\177\000\000(\343\377\377\377\177\000\000zCL\366\377\177\000\000\000\000\000\000\000\000\000\000H\005F\366\377\177\000\000
 \004\000\000\000\000\000\000\377\017\000\000\000\000\000"}
        pthread3_id = 140737488347944
        generic_count = 0
        __PRETTY_FUNCTION__ = "int main(int, char**)"
        argi = 2
        pthread2_id = 140737325587104
        L_maxSocketPresent = 0
        slave_masterSet = false
(gdb) quit
A debugging session is active.

        Inferior 1 [process 4586] will be killed.

Quit anyway? (y or n) y

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (700, 'testing'), (600, 'unstable'), (550, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages sip-tester depends on:
ii  libc6                     2.10.2-6       Embedded GNU C Library: Shared lib
ii  libgcc1                   1:4.5.0-2      GCC support library
ii  libncurses5               5.7+20100313-2 shared libraries for terminal hand
ii  libpcap0.8                1.1.1-2        system interface for user-level pa
ii  libssl0.9.8               0.9.8n-1       SSL shared libraries
ii  libstdc++6                4.4.4-1        The GNU Standard C++ Library v3

-- 
bye,
pabs

http://wiki.debian.org/PaulWise

signature.asc
Description: This is a digitally signed message part

--- End Message ---

--- Begin Message ---
Version: 1:3.1-3

Just tested this in version 3.1 and it no longer occurs.

-- 
bye,
pabs

http://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part

--- End Message ---

Bug#581916: marked as done (sip-tester: segfault with invalid XML)

Reply via email to