Bug#481543: libc6: low-memory snprintf provokes internal segfault
Aurelien Jarno wrote:
> tag 481543 + unreproducible
> tag 481543 + moreinfo
> thanks
>
> On Fri, May 16, 2008 at 10:30:34PM +0200, Jim Meyering wrote:
>> Package: libc6
>> Version: 2.7-11
>> Severity: normal
>>
>> glibc's snprintf function malfunctions (segfault)
>> when its internal memory allocation fails.
>> FYI, this bug is new in libc6 2.7-11. I noticed because it provokes
>> a new failure in coreutils' printf-surprise test. This is not a
>> problem when using rawhide's glibc-2.8.
>>
>>
>> $ cat snprintf-test-debbug.c
>> #include <stdio.h>
>> #include <string.h>
>> int
>> main(int argc, char **argv)
>> {
>>   char buf[200];
>>   char *fmt = argv[1];
>>   if (argc < 2)
>>     return 1;
>>   return snprintf (buf, sizeof buf, fmt, 1);
>> }
>> $ gcc snprintf-test-debbug.c
>> $ zsh -c 'ulimit -v 5000; ./a.out %$[5*2**20]d'
>> zsh: segmentation fault zsh -c 'ulimit -v 5000; ./a.out %$[5*2**20]d'
>> [Exit 139 (SEGV)]
>
> I am unable to reproduce this problem. Moreover version 2.7-11 doesn't
> introduce any change in this area.
>
> Please check that the bug is still reproducible on your system and that
> downgrading to 2.7-10 actually fixes the problem.
>
Any news on that?
--
.''`. Aurelien Jarno | GPG: 1024D/F1BCDB73
: :' : Debian developer | Electrical Engineer
`. `' aurel32@debian.org | aurelien@aurel32.net
`- people.debian.org/~aurel32 | www.aurel32.net
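
A regression harness for the re-test requested above, as an added example that is not part of the original messages or of glibc. It runs the report's `snprintf` call in a forked child under the same 5000 KiB address-space limit and classifies the result; the names `probe_snprintf` and `enum outcome` are hypothetical.

```c
#include <stdio.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical names, not from the bug report. */
enum outcome { OUT_OK, OUT_ERR_RETURN, OUT_SIGNAL, OUT_HARNESS_FAIL };

/* Fork a child, cap its address space at limit_kib KiB (what `ulimit -v`
 * sets), call snprintf into a 200-byte buffer as the report's test does,
 * and report how the call ended. *sig receives the signal number, if any. */
enum outcome probe_snprintf(const char *fmt, unsigned long limit_kib, int *sig)
{
    int status;
    pid_t pid = fork();

    *sig = 0;
    if (pid < 0)
        return OUT_HARNESS_FAIL;
    if (pid == 0) {
        struct rlimit rl;
        char buf[200];
        rl.rlim_cur = rl.rlim_max = (rlim_t)limit_kib * 1024;
        if (setrlimit(RLIMIT_AS, &rl) != 0)
            _exit(2);
        /* snprintf reports failure with a negative return value. */
        _exit(snprintf(buf, sizeof buf, fmt, 1) < 0 ? 1 : 0);
    }
    if (waitpid(pid, &status, 0) != pid)
        return OUT_HARNESS_FAIL;
    if (WIFSIGNALED(status)) {
        *sig = WTERMSIG(status);
        return OUT_SIGNAL;          /* the behaviour the report describes */
    }
    if (!WIFEXITED(status) || WEXITSTATUS(status) > 1)
        return OUT_HARNESS_FAIL;
    return WEXITSTATUS(status) == 1 ? OUT_ERR_RETURN : OUT_OK;
}

int main(void)
{
    static const char *names[] = { "ok", "error return", "killed by signal", "harness failure" };
    int sig;
    /* 5242880 is 5*2**20, the field width used in the report. */
    enum outcome o = probe_snprintf("%5242880d", 5000, &sig);
    printf("%s (signal %d)\n", names[o], sig);
    return o == OUT_SIGNAL;
}
```

Because the limit is applied inside the child, the same binary can be run unchanged against 2.7-10 and 2.7-11 to compare outcomes.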