Re: #420012 bug in libmrss or in glibc?
Nico Golde a écrit :
> http://bugs.debian.org/420012 is currently twisting my head.
> http://people.debian.org/~nion/nb-bt-full-complete.txt shows
> that this is no bug in the newsbeuter package. I don't
> really understand why the encoding variable is out of bounds
> and didn't find out with a quick look into libmrss code.
> What makes me wonder is that a recompile solves the issue.
> The bug doesn't appear with version 2.3.6... of glibc but
> with the new version in unstable 2.5.
> If the recompile solves the issue I am curious how this is
> a bug in libmrss or newsbeuter since the mrss version didn't
> Is it possible that it's a bug in libc?
> Any help is appreciated since I don't know how to do further
> debugging here.
> To reproduce this bug install newsbeuter (with 2.3.6.ds1-13
> of libc6 installed), echo
> start newsbeuter, press R to reload. This will work without
> any problem. Then update to 2.5-3 of libc6, start
> newsbeuter, press R and see it crashing :)
I am not able to reproduce the problem the way you described. Starting
from lenny where newsbeuter works, upgrading to libc6 2.5-3 does not
trigger the bug. Then upgrading to libmrss0 0.17.1-1 triggers the bug.
My guess is that the bug is in libmrss0. Anyway segfaults in strlen()
are always due to a problem in the pointer passed to the function.
.''`. Aurelien Jarno | GPG: 1024D/F1BCDB73
: :' : Debian developer | Electrical Engineer
`. `' email@example.com | firstname.lastname@example.org
`- people.debian.org/~aurel32 | www.aurel32.net