Bug#860393: Segfaults on startup

Bernhard Übelacker Mon, 17 Apr 2017 09:22:01 -0700

Hello,
just tried if I can reproduce the issue.

I think this is a again a case of a pointer truncation by default
int for a pointer returning function.



First patch is just to build with debug information to make the
automatic dbgsym packages helpful.

The second patch adds some includes to get prototypes for alloc function.
This is also warned about in the current amd64 build log:
../win/proxy/nhext.c:36:39: warning: implicit declaration of function 'alloc' 
[-Wimplicit-function-declaration]
     nhext_connection.in = (NhExtXdr *)alloc(sizeof(NhExtXdr));
                                       ^~~~~

The third patch adds the prototype into a header file for nh_option_get_boolopt.

With these applied at least the user interface can start without crashing.
The build shows another 58 "warning: implicit declaration of function", that
may crash later.

Kind regards,
Bernhard

From b173980b4d068ddee3074c7dc89d7f4e465ecb76 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bernhard=20=C3=9Cbelacker?= <bernha...@mailbox.org>
Date: Mon, 17 Apr 2017 16:35:55 +0200
Subject: Compile with debug information to make dbgsym package useful.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860393
---
 sys/unix/Makefile.src | 4 ++--
 sys/unix/Makefile.utl | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/sys/unix/Makefile.src b/sys/unix/Makefile.src
index 9d657a5..05528ba 100644
--- a/sys/unix/Makefile.src
+++ b/sys/unix/Makefile.src
@@ -129,9 +129,9 @@ SYSOBJ = ioctl.o unixmain.o unixtty.o unixunix.o unixres.o
 #   compile normally
 #   disable optimization on non-Linux archs due to FTBFS
 ifeq ($(UNAME),Linux)
-CFLAGS = -DDEBIAN_$(GUI) -O2 -fomit-frame-pointer -fstack-protector --param=ssp-buffer-size=4 -I../include -I/usr/X11R6/include
+CFLAGS = -DDEBIAN_$(GUI) -g -O2 -fomit-frame-pointer -fstack-protector --param=ssp-buffer-size=4 -I../include -I/usr/X11R6/include
 else
-CFLAGS = -DDEBIAN_$(GUI) -fstack-protector --param=ssp-buffer-size=4 -I../include -I/usr/X11R6/include
+CFLAGS = -DDEBIAN_$(GUI) -g -fstack-protector --param=ssp-buffer-size=4 -I../include -I/usr/X11R6/include
 endif
 LFLAGS = -L/usr/X11R6/lib -Wl,-z,relro
 #   OR compile backwards compatible a.out format
diff --git a/sys/unix/Makefile.utl b/sys/unix/Makefile.utl
index b253b5d..e34d711 100644
--- a/sys/unix/Makefile.utl
+++ b/sys/unix/Makefile.utl
@@ -77,9 +77,9 @@ UNAME := $(shell uname -s)
 #   compile normally
 #   disable optimization on non-Linux archs due to FTBFS
 ifeq ($(UNAME),Linux)
-CFLAGS = -DDEBIAN_$(GUI) -O2 -fomit-frame-pointer -fstack-protector --param=ssp-buffer-size=4 -I../include -I/usr/X11R6/include
+CFLAGS = -DDEBIAN_$(GUI) -g -O2 -fomit-frame-pointer -fstack-protector --param=ssp-buffer-size=4 -I../include -I/usr/X11R6/include
 else
-CFLAGS = -DDEBIAN_$(GUI) -fstack-protector --param=ssp-buffer-size=4 -I../include -I/usr/X11R6/include
+CFLAGS = -DDEBIAN_$(GUI) -g -fstack-protector --param=ssp-buffer-size=4 -I../include -I/usr/X11R6/include
 endif
 LFLAGS = -L/usr/X11R6/lib -Wl,-z,relro
 #   OR compile backwards compatible a.out format
-- 
2.11.0

From 388d1b18a6a90fb3495d77b75acac9d73cdbcc0c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bernhard=20=C3=9Cbelacker?= <bernha...@mailbox.org>
Date: Mon, 17 Apr 2017 17:33:13 +0200
Subject: Avoid pointer truncation because of default int return type for
 alloc.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This patch add includes for config.h that includes global.h that has
the prototype for alloc function.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860393


$ gdb -q --args slashem-gtk

Program received signal SIGSEGV, Segmentation fault.
nhext_xdrio_create (xdrs=0x5054a740, io=io@entry=0x563550549ea0, op=op@entry=NHEXT_XDR_DECODE) at ../win/proxy/nhxdr.c:232
232         xdrs->x_data = io;
(gdb) bt
#0  0x000056354f7ac0c7 in nhext_xdrio_create (xdrs=0x5054a740, io=io@entry=0x563550549ea0, op=op@entry=NHEXT_XDR_DECODE)
    at ../win/proxy/nhxdr.c:232
#1  0x000056354f7aa793 in nhext_init (rd=rd@entry=0x563550549ea0, wr=wr@entry=0x56355054a2f0, cb=0x56354fa516e0 <proxy_callbacks>)
    at ../win/proxy/nhext.c:38
#2  0x000056354f7a5dcc in proxy_init (auth=0x0) at ../win/proxy/winproxy.c:1295
#3  0x000056354f7a5dcc in win_proxy_init () at ../win/proxy/winproxy.c:1515
#4  0x000056354f7a2f54 in GTK_proxy_init_nhwindows (argcp=0x7fff4f9d5f8c, argv=0x7fff4f9d60a8) at ../win/gtk/gtkint.c:185
#5  0x000056354f6042c7 in main (argc=<optimized out>, argv=0x7fff4f9d60a8) at ../sys/unix/unixmain.c:139


cc -DDEBIAN_GTK -g -O2 -fomit-frame-pointer -fstack-protector --param=ssp-buffer-size=4 -I../include -I/usr/X11R6/include -c ../win/proxy/nhext.c
../win/proxy/nhext.c: In function ânhext_initâ:
../win/proxy/nhext.c:38:39: warning: implicit declaration of function âallocâ [-Wimplicit-function-declaration]
     nhext_connection.in = (NhExtXdr *)alloc(sizeof(NhExtXdr));
                                       ^~~~~
---
 win/proxy/nhext.c    | 1 +
 win/proxy/proxycb.c  | 1 +
 win/proxy/proxysvc.c | 1 +
 win/proxy/prxychar.c | 1 +
 win/proxy/prxyconn.c | 1 +
 win/proxy/prxytile.c | 1 +
 6 files changed, 6 insertions(+)

diff --git a/win/proxy/nhext.c b/win/proxy/nhext.c
index dead5fd..9a26ddd 100644
--- a/win/proxy/nhext.c
+++ b/win/proxy/nhext.c
@@ -9,6 +9,7 @@
 #include <string.h>
 #include <stdarg.h>
 #include <ctype.h>
+#include "config.h"
 #include "nhxdr.h"
 #include "proxycom.h"
 
diff --git a/win/proxy/proxycb.c b/win/proxy/proxycb.c
index ed150f0..36ffa21 100644
--- a/win/proxy/proxycb.c
+++ b/win/proxy/proxycb.c
@@ -5,6 +5,7 @@
 #include <stdlib.h>
 #include <stdio.h>
 #include <string.h>
+#include "config.h"
 #include "nhxdr.h"
 #include "proxycom.h"
 #include "proxycb.h"
diff --git a/win/proxy/proxysvc.c b/win/proxy/proxysvc.c
index d6cd302..2efab79 100644
--- a/win/proxy/proxysvc.c
+++ b/win/proxy/proxysvc.c
@@ -14,6 +14,7 @@
 #include <windows.h>
 #include <commctrl.h>
 #endif
+#include "config.h"
 #include "nhxdr.h"
 #include "proxycom.h"
 #include "proxycb.h"
diff --git a/win/proxy/prxychar.c b/win/proxy/prxychar.c
index 954aaca..cf3cf42 100644
--- a/win/proxy/prxychar.c
+++ b/win/proxy/prxychar.c
@@ -5,6 +5,7 @@
 #include <stdlib.h>
 #include <stdio.h>
 #include <stdarg.h>
+#include "config.h"
 #include "nhxdr.h"
 #include "proxycom.h"
 #include "prxyclnt.h"
diff --git a/win/proxy/prxyconn.c b/win/proxy/prxyconn.c
index f21d040..f59ff02 100644
--- a/win/proxy/prxyconn.c
+++ b/win/proxy/prxyconn.c
@@ -17,6 +17,7 @@
 #include <netinet/in.h>
 #include <netdb.h>
 #endif
+#include "config.h"
 #include "nhxdr.h"
 #include "proxycom.h"
 #include "prxyclnt.h"
diff --git a/win/proxy/prxytile.c b/win/proxy/prxytile.c
index 2057318..9bd66fd 100644
--- a/win/proxy/prxytile.c
+++ b/win/proxy/prxytile.c
@@ -5,6 +5,7 @@
 #include <stdlib.h>
 #include <stdio.h>
 #include <string.h>
+#include "config.h"
 #include "nhxdr.h"
 #include "proxycom.h"
 #include "prxyclnt.h"
-- 
2.11.0

From 909f7240ffd88a41e5d1e79bff79229967980644 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bernhard=20=C3=9Cbelacker?= <bernha...@mailbox.org>
Date: Mon, 17 Apr 2017 18:10:14 +0200
Subject: Avoid pointer truncation because of default int return type for
 nh_option_get_boolopt.

This patch adds the prototype to extern.h.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860393

Program received signal SIGSEGV, Segmentation fault.
0x00005559c19cf5e0 in get_option_bool (option=0x5559c28dd990 "color") at ../win/proxy/getopt.c:32
32          for(i = 0; boolopt[i].name; i++)
(gdb) bt
#0  0x00005559c19cf5e0 in get_option_bool (option=0x5559c28dd990 "color") at ../win/proxy/getopt.c:32
#1  0x00005559c19cf5e0 in get_option (option=0x5559c28dd990 "color") at ../win/proxy/getopt.c:99
#2  0x00005559c19ce115 in callback_get_option (id=<optimized out>, request=<optimized out>, reply=0x5559c28dd780)
    at ../win/proxy/callback.c:393
#3  0x00005559c19d23e6 in nhext_svc (services=<optimized out>) at ../win/proxy/nhext.c:1028
#4  0x00005559c19d27fb in nhext_rpc (id=<optimized out>) at ../win/proxy/nhext.c:744
#5  0x00005559c19cb1d9 in proxy_init_nhwindows (argcp=0x7fffd10702dc, argv=0x7fffd10703f8) at ../win/proxy/winproxy.c:145
#6  0x00005559c19c9f7e in GTK_proxy_init_nhwindows (argcp=0x7fffd10702dc, argv=0x7fffd10703f8) at ../win/gtk/gtkint.c:188
#7  0x00005559c182b2c7 in main (argc=<optimized out>, argv=0x7fffd10703f8) at ../sys/unix/unixmain.c:139


cc -DDEBIAN_GTK -O2 -fomit-frame-pointer -fstack-protector --param=ssp-buffer-size=4 -I../include -I/usr/X11R6/include -c ../win/proxy/getopt.c
../win/proxy/getopt.c: In function 'get_option_bool':
../win/proxy/getopt.c:31:31: warning: implicit declaration of function 'nh_option_get_boolopt' [-Wimplicit-function-declaration]
  boolopt = (struct Bool_Opt *)nh_option_get_boolopt();
                               ^~~~~~~~~~~~~~~~~~~~~
---
 include/extern.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/include/extern.h b/include/extern.h
index 625a9e6..6d4aebc 100644
--- a/include/extern.h
+++ b/include/extern.h
@@ -1485,6 +1485,7 @@ E const char *FDECL(mimic_obj_name, (struct monst *));
 
 /* ### options.c ### */
 
+E genericptr_t FDECL(nh_option_get_boolopt, ());
 E boolean FDECL(match_optname, (const char *,const char *,int,BOOLEAN_P));
 E void NDECL(initoptions);
 E void FDECL(parseoptions, (char *,BOOLEAN_P,BOOLEAN_P));
-- 
2.11.0

Bug#860393: Segfaults on startup

Reply via email to