On Sunday 29 July 2001 06:22, you wrote:
> Bugzilla is offline, so I bring this query to the list.  I have found a
> reproducible way to crash bash.  I was entering this command because I
> found a core file lying around.  Probably produced by a user who uses SCO
> Unix at home.
>
> [ryan@vanessa]:[~]$ rpm -q bash
> bash-2.04-21
>
> [ryan@vanessa]:[~]$ export TERM=scoansi
> (Bash crashes at this point, and I am prompted to login again)

Same here. Running gdb shows:

$ gdb /bin/bash core
GNU gdb 5.0rh-5 Red Hat Linux 7.1
Copyright 2001 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux"...
(no debugging symbols found)...
Core was generated by `/bin/bash'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /lib/libtermcap.so.2...(no debugging symbols found)...
done.
Loaded symbols for /lib/libtermcap.so.2
Reading symbols from /lib/libdl.so.2...done.
Loaded symbols for /lib/libdl.so.2
Reading symbols from /lib/i686/libc.so.6...done.
Loaded symbols for /lib/i686/libc.so.6
Reading symbols from /lib/ld-linux.so.2...done.
Loaded symbols for /lib/ld-linux.so.2
Reading symbols from /lib/libnss_files.so.2...done.
Loaded symbols for /lib/libnss_files.so.2
Reading symbols from /lib/libnss_nisplus.so.2...done.
Loaded symbols for /lib/libnss_nisplus.so.2
Reading symbols from /lib/libnsl.so.1...done.
Loaded symbols for /lib/libnsl.so.1
#0  0x400b8fd3 in strncmp (s1=0x3a485e41 <Address 0x3a485e41 out of bounds>,
    s2=0x80fc59a "Fa=\\E[_", n=2) at ../sysdeps/generic/strncmp.c:64
64      ../sysdeps/generic/strncmp.c: No such file or directory.
        in ../sysdeps/generic/strncmp.c
(gdb) bt
#0  0x400b8fd3 in strncmp (s1=0x3a485e41 <Address 0x3a485e41 out of bounds>,
    s2=0x80fc59a "Fa=\\E[_", n=2) at ../sysdeps/generic/strncmp.c:64
#1  0x4002c314 in _init () at eval.c:41
#2  0x4002caee in _init () at eval.c:41
#3  0x4002cba7 in tgetent () at eval.c:41
#4  0x080a7281 in _rl_init_terminal_io () at eval.c:41
#5  0x080a765f in rl_reset_terminal () at eval.c:41
#6  0x0806bfc6 in stupidly_hack_special_variables () at eval.c:41
#7  0x08074004 in do_array_element_assignment () at eval.c:41
#8  0x08074081 in do_assignment_no_expand () at eval.c:41
#9  0x08091559 in set_or_show_attributes () at eval.c:41
#10 0x08091333 in export_builtin () at eval.c:41
#11 0x080673f9 in execute_command_internal () at eval.c:41
#12 0x08067a0e in execute_shell_function () at eval.c:41
#13 0x08067188 in execute_command_internal () at eval.c:41
#14 0x08064631 in execute_command_internal () at eval.c:41
#15 0x08064044 in execute_command () at eval.c:41
#16 0x0805b36b in reader_loop () at eval.c:41
#17 0x08059b2c in main () at eval.c:41
#18 0x4004f177 in __libc_start_main (main=0x8059480 <main>, argc=1,
    ubp_av=0xbffffa24, init=0x8058a60 <_init>, fini=0x80ad500 <_fini>,
    rtld_fini=0x4000e184 <_dl_fini>, stack_end=0xbffffa1c)
    at ../sysdeps/generic/libc-start.c:129

Just a guess: the termcap entry for scoansi is broken. This is still a bug:
bad input should cause an error report, not a crash.

-- 
        Markku Kolkka
        [EMAIL PROTECTED]



_______________________________________________
Seawolf-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/seawolf-list
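
Added example, not part of the original message and not libtermcap or bash code: a bounds-checked lookup of a two-character termcap capability (the kind of 2-byte compare seen in the strncmp frame above) that returns an error code for a malformed entry instead of reading out of bounds. The function name, return codes and sample entries are constructed for illustration, and the sketch assumes one logical entry with line continuations already joined.

```c
#include <stddef.h>
#include <string.h>

enum { TC_MALFORMED = -1, TC_ABSENT = 0, TC_FOUND = 1 };
/* Added example, not libtermcap code. Looks up a two-character capability
 * in one termcap entry held in a length-bounded buffer. Assumes line
 * continuations were already joined. Never reads past entry + len. */
int tc_find_cap(const char *entry, size_t len, const char *cap,
                const char **val, size_t *val_len)
{
    size_t i = 0;
    if (!entry || !cap || !val || !val_len || strlen(cap) != 2)
        return TC_MALFORMED;
    if (memchr(entry, '\0', len))         /* embedded NUL: not one text entry */
        return TC_MALFORMED;
    while (i < len && entry[i] != ':')    /* skip "name|alias|..." */
        i++;
    if (i == 0 || i == len)               /* no names, or no ':' at all */
        return TC_MALFORMED;
    while (i < len) {                     /* entry[i] is the ':' before a field */
        size_t start = i + 1, end = start;
        while (end < len && entry[end] != ':') {
            if (entry[end] == '\\')       /* backslash escapes the next byte */
                end++;
            end++;
        }
        if (end >= len)                   /* clean end, or unterminated field */
            return start >= len ? TC_ABSENT : TC_MALFORMED;
        size_t flen = end - start;
        if (flen == 1)                    /* too short for a capability name */
            return TC_MALFORMED;
        if (flen >= 2 && memcmp(entry + start, cap, 2) == 0) {
            if (flen == 2) {              /* boolean capability, no value */
                *val = entry + end; *val_len = 0;
                return TC_FOUND;
            }
            char kind = entry[start + 2];
            if (kind == '@')              /* explicitly cancelled */
                return TC_ABSENT;
            if (kind == '=' || kind == '#') {
                *val = entry + start + 3; *val_len = flen - 3;
                return TC_FOUND;
            }
        }
        i = end;
    }
    return TC_ABSENT;
}
```

A caller would treat TC_MALFORMED as "report the bad entry and keep the current terminal settings" rather than continuing to parse.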
