Backtrace:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 46998971645760 (LWP 14384)]
io_handler (source=0x61cf60, condition=G_IO_IN, cn=0x608380)
at seahorse-agent-ssh.c:429
429 memset (msg, 0, sizeof (msg));
(gdb) bt
#0 io_handler (source=0x61cf60, condition=G_IO_IN, cn=0x608380)
at seahorse-agent-ssh.c:429
#1 0x00002abecb453d44 in g_main_context_dispatch ()
from /usr/lib64/libglib-2.0.so.0
#2 0x00002abecb456b8d in g_main_context_check ()
from /usr/lib64/libglib-2.0.so.0
#3 0x00002abecb456e9a in g_main_loop_run () from /usr/lib64/libglib-2.0.so.0
#4 0x00002abec97ca2e3 in IA__gtk_main () at gtkmain.c:1024
#5 0x0000000000411fae in main (argc=2, argv=0x7fffe376ff88)
at seahorse-daemon.c:275
(gdb) p msg
$1 = (gchar *) 0x1 <Address 0x1 out of bounds>
Code analysis:
420 static gboolean
421 io_handler (GIOChannel *source, GIOCondition condition, SSHProxyConn
*cn)
422 {
423 GIOChannel *out;
424 gchar *msg;
425 gboolean ret = FALSE;
426 gsize length;
(gdb)
427 gboolean from_client = FALSE;
428
429 memset (msg, 0, sizeof (msg));
430
431 if (condition & G_IO_IN) {
432
433 if (source == cn->inchan) {
434 out = cn->outchan;
435 from_client = TRUE;
436 DEBUG_MSG (("data from client\n"));
(gdb)
437 }
438 else if (source == cn->outchan) {
439 out = cn->inchan;
440 from_client = FALSE;
441 DEBUG_MSG (("data from agent\n"));
442 }
443 else
444 g_return_val_if_reached (FALSE);
445
446 msg = read_ssh_message (source, &length);
So the culprit is the line:
429 memset (msg, 0, sizeof (msg));
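It is probably a leftover: at line 429 msg is still an uninitialized pointer (it is only assigned by read_ssh_message() at line 446), so the memset writes through whatever garbage value msg happens to hold (0x1 in the gdb session above). sizeof (msg) is also just the size of the pointer, not of any buffer. Since msg is assigned before the visible code uses it, the memset looks safe to drop. The fact that this only crashes on amd64 is sheer luck.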
--
seahorse-daemon crashes on any attempt to use ssh
https://launchpad.net/bugs/59602