https://bugs.kde.org/show_bug.cgi?id=520150
Bug ID: 520150
Summary: infinite directory symlink traversal causes segfault
Classification: Applications
Product: Elisa
Version First Reported In: 26.04.1
Platform: Arch Linux
OS: Linux
Status: REPORTED
Severity: crash
Priority: NOR
Component: general
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
DESCRIPTION
When I open elisa, it starts scanning a bunch of files, and crashes after a bit
with a segfault.
```
$ elisa .
org.kde.elisa.indexers.manager: Local file system indexer is inactive
[snip]
fish: Job 1, 'elisa .' terminated by signal SIGSEGV (Address boundary error)
```
STEPS TO REPRODUCE
Not sure if you'll be able to repro like this but you may try:
```bash
mkdir b
cd b
ln -s ../b a
cd ../
elisa .
```
OBSERVED RESULT
Segfault.
EXPECTED RESULT
No segfault.
SOFTWARE/OS VERSIONS
Operating System: arch linux
Qt Version: 6.11.0
ADDITIONAL INFORMATION
Here's the backtrace
```
pwndbg> bt
#0 0x00007febe1c3ff40 in scratch_buffer_init (buffer=<optimized out>) at
../include/scratch_buffer.h:78
#1 __GI___realpath (name=0x7fead6468ce0
"/home/lamb/opt/elfutils/tests/debuginfod-tars/bighello-sources/bighello.c",
resolved=0x7febadc00be0 '\376' <repeats 200 times>...) at canonicalize.c:430
#2 0x00007febe2769429 in realpath (__name=<optimized out>,
__resolved=0x7febadc00be0 '\376' <repeats 200 times>...) at
/usr/include/bits/stdlib.h:55
#3 QFileSystemEngine::canonicalName (entry=..., data=...) at
/usr/src/debug/qt6-base/qtbase/src/corelib/io/qfilesystemengine_unix.cpp:731
#4 0x00007febe252cd1b in QFileInfoPrivate::getFileName (this=0x7fead646a4c0,
name=QAbstractFileEngine::CanonicalName) at
/usr/src/debug/qt6-base/qtbase/src/corelib/io/qfileinfo.cpp:28
#5 0x00007febe2536995 in QFileInfo::canonicalFilePath
(this=this@entry=0x7fead6468380) at
/usr/src/debug/qt6-base/qtbase/src/corelib/io/qfileinfo.cpp:604
#6 0x00007febe4f0aa56 in AbstractFileListing::scanDirectory
(this=0x56238754f470, newFiles=..., path=..., watchForFileSystemChanges=...) at
/usr/src/debug/elisa/elisa-26.04.1/src/abstractfile/abstractfilelisting.cpp:176
#7 0x00007febe4f0b539 in AbstractFileListing::scanDirectory
(this=0x56238754f470, newFiles=..., path=..., watchForFileSystemChanges=...) at
/usr/src/debug/elisa/elisa-26.04.1/src/abstractfile/abstractfilelisting.cpp:213
#8 0x00007febe4f0b539 in AbstractFileListing::scanDirectory
(this=0x56238754f470, newFiles=..., path=..., watchForFileSystemChanges=...) at
/usr/src/debug/elisa/elisa-26.04.1/src/abstractfile/abstractfilelisting.cpp:213
#9 0x00007febe4f0b539 in AbstractFileListing::scanDirectory
(this=0x56238754f470, newFiles=..., path=..., watchForFileSystemChanges=...) at
/usr/src/debug/elisa/elisa-26.04.1/src/abstractfile/abstractfilelisting.cpp:213
#10 0x00007febe4f0b539 in AbstractFileListing::scanDirectory
(this=0x56238754f470, newFiles=..., path=..., watchForFileSystemChanges=...) at
/usr/src/debug/elisa/elisa-26.04.1/src/abstractfile/abstractfilelisting.cpp:213
#11 0x00007febe4f0b539 in AbstractFileListing::scanDirectory
(this=0x56238754f470, newFiles=..., path=..., watchForFileSystemChanges=...) at
/usr/src/debug/elisa/elisa-26.04.1/src/abstractfile/abstractfilelisting.cpp:213
#12 0x00007febe4f0b539 in AbstractFileListing::scanDirectory
(this=0x56238754f470, newFiles=..., path=..., watchForFileSystemChanges=...) at
/usr/src/debug/elisa/elisa-26.04.1/src/abstractfile/abstractfilelisting.cpp:213
#13 0x00007febe4f0b539 in AbstractFileListing::scanDirectory
(this=0x56238754f470, newFiles=..., path=..., watchForFileSystemChanges=...) at
/usr/src/debug/elisa/elisa-26.04.1/src/abstractfile/abstractfilelisting.cpp:213
#14 0x00007febe4f0b539 in AbstractFileListing::scanDirectory
(this=0x56238754f470, newFiles=..., path=..., watchForFileSystemChanges=...) at
/usr/src/debug/elisa/elisa-26.04.1/src/abstractfile/abstractfilelisting.cpp:213
#15 0x00007febe4f0b539 in AbstractFileListing::scanDirectory
(this=0x56238754f470, newFiles=..., path=..., watchForFileSystemChanges=...) at
/usr/src/debug/elisa/elisa-26.04.1/src/abstractfile/abstractfilelisting.cpp:213
#16 0x00007febe4f0b539 in AbstractFileListing::scanDirectory
(this=0x56238754f470, newFiles=..., path=..., watchForFileSystemChanges=...) at
/usr/src/debug/elisa/elisa-26.04.1/src/abstractfile/abstractfilelisting.cpp:213
#17 0x00007febe4f0b539 in AbstractFileListing::scanDirectory
(this=0x56238754f470, newFiles=..., path=..., watchForFileSystemChanges=...) at
/usr/src/debug/elisa/elisa-26.04.1/src/abstractfile/abstractfilelisting.cpp:213
#18 0x00007febe4f0b539 in AbstractFileListing::scanDirectory
(this=0x56238754f470, newFiles=..., path=..., watchForFileSystemChanges=...) at
/usr/src/debug/elisa/elisa-26.04.1/src/abstractfile/abstractfilelisting.cpp:213
#19 0x00007febe4f0b539 in AbstractFileListing::scanDirectory
(this=0x56238754f470, newFiles=..., path=..., watchForFileSystemChanges=...) at
/usr/src/debug/elisa/elisa-26.04.1/src/abstractfile/abstractfilelisting.cpp:213
#20 0x00007febe4f0b539 in AbstractFileListing::scanDirectory
(this=0x56238754f470, newFiles=..., path=..., watchForFileSystemChanges=...) at
/usr/src/debug/elisa/elisa-26.04.1/src/abstractfile/abstractfilelisting.cpp:213
#21 0x00007febe4f0b539 in AbstractFileListing::scanDirectory
(this=0x56238754f470, newFiles=..., path=..., watchForFileSystemChanges=...) at
/usr/src/debug/elisa/elisa-26.04.1/src/abstractfile/abstractfilelisting.cpp:213
#22 0x00007febe4f0b539 in AbstractFileListing::scanDirectory
(this=0x56238754f470, newFiles=..., path=..., watchForFileSystemChanges=...) at
/usr/src/debug/elisa/elisa-26.04.1/src/abstractfile/abstractfilelisting.cpp:213
#23 0x00007febe4f0b539 in AbstractFileListing::scanDirectory
(this=0x56238754f470, newFiles=..., path=..., watchForFileSystemChanges=...) at
/usr/src/debug/elisa/elisa-26.04.1/src/abstractfile/abstractfilelisting.cpp:213
#24 0x00007febe4f0b539 in AbstractFileListing::scanDirectory
(this=0x56238754f470, newFiles=..., path=..., watchForFileSystemChanges=...) at
/usr/src/debug/elisa/elisa-26.04.1/src/abstractfile/abstractfilelisting.cpp:213
```
This continues on for a long time (thousands of invocations?).
I guess the issue is that it doesn't have a sanity check on depth, following
symlinks, or visiting the same dir somewhere.
GDB coredump is attached.
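The three checks the report guesses are missing (a depth limit, symlink handling, and detection of an already-visited directory) can be combined in one scanner, shown here as an added example that is not code from Elisa or Qt. `scanTree`, `ScanResult` and `makeLoopFixture` are hypothetical names, the fixture is constructed to match the layout in the reproduction steps, and the code assumes a POSIX system with a writable `/tmp`.

```cpp
// Added example, not Elisa or Qt code: iterative scan, each directory visited once.
#include <dirent.h>
#include <sys/stat.h>
#include <unistd.h>
#include <cstdlib>
#include <fstream>
#include <set>
#include <string>
#include <vector>

struct ScanResult {
    std::vector<std::string> files;         // regular files found
    std::size_t revisits = 0, tooDeep = 0;  // dirs reached again / beyond the depth cap
};

ScanResult scanTree(const std::string& root, std::size_t maxDepth = 64) {
    ScanResult out;
    std::set<std::pair<dev_t, ino_t>> seen;  // identity of every scanned directory
    std::vector<std::pair<std::string, std::size_t>> pending{{root, 0}};
    while (!pending.empty()) {               // work list, no call-stack recursion
        const auto cur = pending.back();     // (path, depth)
        pending.pop_back();
        struct stat st;
        if (stat(cur.first.c_str(), &st) != 0 || !S_ISDIR(st.st_mode)) continue;
        if (cur.second > maxDepth) { ++out.tooDeep; continue; }
        if (!seen.insert({st.st_dev, st.st_ino}).second) { ++out.revisits; continue; }
        DIR* d = opendir(cur.first.c_str());
        if (!d) continue;  // unreadable directory: skip it, keep scanning the rest
        while (struct dirent* e = readdir(d)) {
            const std::string name = e->d_name;
            if (name == "." || name == "..") continue;
            const std::string path = cur.first + "/" + name;
            if (stat(path.c_str(), &st) != 0) continue;  // dangling link or ELOOP
            if (S_ISDIR(st.st_mode)) pending.emplace_back(path, cur.second + 1);
            else if (S_ISREG(st.st_mode)) out.files.push_back(path);
        }
        closedir(d);
    }
    return out;
}

// Constructed fixture: the report's layout (b/a -> ../b) plus one sample file.
std::string makeLoopFixture() {
    char root[] = "/tmp/scanloopXXXXXX";
    if (!mkdtemp(root)) return "";
    const std::string b = std::string(root) + "/b";
    if (mkdir(b.c_str(), 0700) != 0 || symlink("../b", (b + "/a").c_str()) != 0) return "";
    std::ofstream(b + "/track.flac") << "constructed";
    return root;
}
```

Because `stat()` follows the link, `b/a` resolves to the same (device, inode) pair as `b` and is counted as a revisit instead of being scanned again.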