
Bug#503582: regression: busybox nc -v www.google.com 80 segfaults



Package: busybox
Version: 1:1.10.2-2
Severity: normal

Steps to reproduce:
1) busybox nc -v www.google.com 80

Expected results:
1) busybox tells the user that option "-v" is not known.

Actual results:
1) busybox segfaults.

More info:
1) gdb is not too useful since the package does not support building
with debugging symbols:

$ gdb --args busybox nc -v www.google.com 80
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...
(no debugging symbols found)
(gdb) r
Starting program: /bin/busybox nc -v www.google.com 80
(no debugging symbols found)
Failed to read a valid object file image from memory.
(no debugging symbols found)
(no debugging symbols found)

Program received signal SIGSEGV, Segmentation fault.
0x0808f8f0 in ?? ()
(gdb) bt
#0  0x0808f8f0 in ?? ()
#1  0xb7d829cc in ?? () from /lib/libc.so.6
#2  0xb7f0663e in ?? () from /lib/ld-linux.so.2
#3  0xb7eae000 in ?? ()
#4  0x00000004 in ?? ()
#5  0x00000020 in ?? ()
#6  0x00000000 in ?? ()
(gdb) x/5i $eip
0x808f8f0 <geteuid@plt+274004>: incl   (%eax)
0x808f8f2 <geteuid@plt+274006>: mov    0x1(%ebx),%al
0x808f8f5 <geteuid@plt+274009>: cmp    $0x1,%al
0x808f8f7 <geteuid@plt+274011>: jne    0x808f90f <geteuid@plt+274035>
0x808f8f9 <geteuid@plt+274013>: mov    0x80a48a8,%eax
(gdb) info register
eax            0x1      1
ecx            0x0      0
edx            0xffffffff       -1
ebx            0xbfaeac48       -1079071672
esp            0xbfaeab7c       0xbfaeab7c
ebp            0xbfaeaf64       0xbfaeaf64
esi            0x0      0
edi            0x0      0
eip            0x808f8f0        0x808f8f0 <geteuid@plt+274004>
eflags         0x10202  [ IF RF ]
cs             0x73     115
ss             0x7b     123
ds             0x7b     123
es             0x7b     123
fs             0x0      0
gs             0x33     51
(gdb)

2) This is a regression since 1.1.3-4 does not segfault:

$ busybox nc -v www.google.com 80
nc: invalid option -- v
BusyBox v1.1.3 (Debian 1:1.1.3-4) multi-call binary

Usage: nc [OPTIONS] [IP] [port]

Netcat opens a pipe to IP:port

Options:
        -l              listen mode, for inbound connects
        -p PORT         local port number
        -i SECS         delay interval for lines sent
        -w SECS         timeout for connects and final net reads


