Control: fixed 917018 wget/1.19.1-1
Control: tags 917018 + upstream
Dear Maintainer, hello RW Penney,
I had a look and think I found something.
You have by any chance made something like 'chmod 000 ~/.wget-hsts' ?
Because in that case we end up in a backtrace like below.
(And stretch systems with a writeable ~/.wget-hsts are not affected.)
That is because when fp is NULL it is still tried to given to fclose().
Upstream has fixed this in commit [1].
Kind regards,
Bernhard
[1]
http://git.savannah.gnu.org/cgit/wget.git/commit/src/hsts.c?id=40870e1271c977d9b80734690a5691a68bf05473
(gdb) bt
#0 _IO_new_fclose (fp=fp@entry=0x0) at iofclose.c:53
#1 0x555722ca in hsts_store_open (filename=) at
../../src/hsts.c:513
#2 0x5556102c in load_hsts () at ../../src/main.c:186
#3 main (argc=argc@entry=6, argv=argv@entry=0x7fffe628) at
../../src/main.c:1897
#4 0x769b62e1 in __libc_start_main (main=0xfb40 ,
argc=6, argv=0x7fffe628, init=, fini=,
rtld_fini=, stack_end=0x7fffe618) at ../csu/libc-start.c:291
#5 0x5556147a in _start ()
(gdb) list hsts_store_open
492 hsts_store_open (const char *filename)
493 {
...
508 if (!fp || !hsts_read_database (store, fp, false))
509 {
510 /* abort! */
511 hsts_store_close (store);
512 xfree (store);
513 fclose (fp);
514 goto out;
515 }
From https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917018#18 :
Program received signal SIGSEGV, Segmentation fault.
_IO_new_fclose (fp=0x0) at iofclose.c:53
53iofclose.c: No such file or directory.
#0 _IO_new_fclose (fp=0x0) at iofclose.c:53
#1 0x555722ca in ?? ()
#2 0x5556102c in ?? ()
#3 0x769b62e1 in __libc_start_main (main=0xfb40, argc=6,
argv=0x7fffe848, init=, fini=,
rtld_fini=, stack_end=0x7fffe838) at ../csu/libc-start.c:291
#4 0x5556147a in ?? ()
Detaching from program: /usr/bin/wget, process 2009
#
# stretch amd64 qemu VM
apt update
apt dist-upgrade
apt install devscripts dpkg-dev systemd-coredump gdb wget-dbgsym
mkdir source/wget/orig -p
cdsource/wget/orig
apt source wget
cd ../..
mkdir /tmp/wget-test
cd/tmp/wget-test
wget -r -k -l inf http://www.debian.org
# no crash ...
root@debian:/tmp/wget-test# uname -a
Linux debian 4.9.0-8-amd64 #1 SMP Debian 4.9.130-2 (2018-10-27) x86_64 GNU/Linux
root@debian:/tmp/wget-test# cat /etc/debian_version
9.6
gdb -q \
-ex 'set backtrace past-main on' \
-ex 'set width 0' \
-ex 'set pagination off' \
-ex 'directory /home/benutzer/source/wget/orig/wget-1.18/debian/patches' \
--args wget -r -k -l inf http://www.debian.org
(gdb) disassemble main
0x55561027 <+5351>: callq 0x55572190
0x5556102c <+5356>: test %rax,%rax
(gdb) disassemble hsts_store_open
0x555722c5 <+309>: callq 0xf600
0x555722ca <+314>: jmpq 0x555721f3
(gdb) list hsts_store_open
490
491 hsts_store_t
492 hsts_store_open (const char *filename)
493 {
494 hsts_store_t store = NULL;
495
496 store = xnew0 (struct hsts_store);
497 store->table = hash_table_new (0, hsts_hash_func, hsts_cmp_func);
498 store->last_mtime = 0;
499 store->changed = false;
500
501 if (file_exists_p (filename))
502 {
503 if (hsts_file_access_valid (filename))
504 {
505 struct_stat st;
506 FILE *fp = fopen (filename, "r");
507
508 if (!fp || !hsts_read_database (store, fp, false))
509 {
510 /* abort! */
511 hsts_store_close (store);
512 xfree (store);
513 fclose (fp);
514 goto out;
515 }
516
517 if (fstat (fileno (fp), ) == 0)
518 store->last_mtime = st.st_mtime;
519
520 fclose (fp);
521 }
522 else
523 {
524 /*
525* If we're not reading the HSTS database,
526* then by all means act as if HSTS was disabled.
527*/
528 hsts_store_close (store);
529 xfree (store);
530
531 logprintf (LOG_NOTQUIET, "Will not apply HSTS. "
532 "The HSTS database must be a regular and
non-world-writable file.\n");
533 }
534 }
535
536 out:
537 return store;
538 }
(gdb) disassemble /m hsts_store_open
...
512 xfree (store);
0x555722b8 <+296>: mov%rbx,%rdi
0x555722bb <+299>: xor%ebx,%ebx
0x555722bd <+301>: callq 0xf328
513