Bug#399984: marked as done (qt3-dev-tools: qmake segfaults on GNU/Hurd when no output file is specified)

To: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Subject: Bug#399984: marked as done (qt3-dev-tools: qmake segfaults on GNU/Hurd when no output file is specified)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Fri, 12 Jan 2007 12:48:32 -0800
Message-id: <[🔎] handler.399984.D399984.116863416427805.ackdone@bugs.debian.org>
References: <E1H5T4N-0000W2-3o@ries.debian.org> <20061123095947.GE22738@localhost.localdomain>

Your message dated Fri, 12 Jan 2007 20:32:11 +0000
with message-id <E1H5T4N-0000W2-3o@ries.debian.org>
and subject line Bug#399984: fixed in qt-x11-free 3:3.3.7-3
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---

To: submit@bugs.debian.org
Subject: qt3-dev-tools: qmake segfaults on GNU/Hurd when no output file is specified
From: Michael Banck <mbanck@debian.org>
Date: Thu, 23 Nov 2006 10:59:48 +0100
Message-id: <20061123095947.GE22738@localhost.localdomain>

Package: qt3-dev-tools
Version: 3:3.3.7-1
Severity: important
Tags: patch

Hi,

if qmake is run without a -o foo option specifying the output file (and
thus implying "Makefile" in regular operation AIUI), it segfaults on
GNU/Hurd with the following backtrace:

#0  0x01042c56 in __hurd_file_name_lookup (use_init_port=0x103d920 <_hurd_ports_use>,
    get_dtable_port=0x40000002, lookup=0,
    file_name=0x40000002 <Address 0x40000002 out of bounds>, flags=64,
    mode=1073741826, result=0x40000002) at hurdlookup.c:67
#1  0x010432e9 in __file_name_lookup (
    file_name=0x40000002 <Address 0x40000002 out of bounds>, flags=1073741826, mode=0)
    at hurdlookup.c:240
#2  0x0110e12a in __lxstat64 (vers=0,
    file=0x40000002 <Address 0x40000002 out of bounds>, buf=0x40000002)
    at ../sysdeps/mach/hurd/lxstat64.c:35
#3  0x0110d2a6 in __lxstat (vers=1073741826,
    file=0x40000002 <Address 0x40000002 out of bounds>, buf=0x8237c88)
    at ../sysdeps/mach/hurd/lxstat.c:29
#4  0x081c0118 in lstat (__path=0x0, __statbuf=0x8237c88)
    at /usr/include/sys/stat.h:373
#5  0x081bfa82 in QFileInfo::doStat (this=0x101ad50)
    at /devel3/qt3/qt-x11-free-3.3.7/src/tools/qfileinfo_unix.cpp:342
#6  0x081bfc6c in QFileInfo::isDir (this=0x101ad50)
    at /devel3/qt3/qt-x11-free-3.3.7/src/tools/qfileinfo_unix.cpp:91
#7  0x0805ca63 in main (argc=16886580, argv=0x0) at main.cpp:86

lstat() is passed a NULL pointer instead of a filename, which leads to
undefined behaviour.  GNU/Linux returns an error when it gets passed a
bogus pointer, GNU/Hurd's lstat() in glibc decides to segfault.

While Qt itself builds fine, this causes FTBFS in other packages, see
e.g. http://experimental.ftbfs.de/fetch.php?&pkg=qscintilla&ver=1.6-2&arch=hurd-i386&stamp=1163603807&file=log&as=raw


The problem is that Option::output is not getting initialized, and
passed to isDir() in qmake/main.cpp, which eventually calls lstat() on
it, provoking the segfault.

While glibc is definetely fine to segfault here (after all, it got
passed out-of-spec input), I am not sure whether Qt might want to check
for bogus input in isDir() or doStat().  However, this is for Qt
upstream to decide I guess, and we will bring up the issue with them.

The easy fix (initializing Option::output to "") is attached, please
apply.


cheers,

Michael

--- qt-x11-free-3.3.6~/qmake/option.cpp 2006-09-28 07:45:03.000000000 +0000
+++ qt-x11-free-3.3.6/qmake/option.cpp          2006-09-28 07:45:40.000000000 +0000
@@ -64,7 +64,7 @@
 //all modes
 int Option::warn_level = WarnLogic;
 int Option::debug_level = 0;
-QFile Option::output;
+QFile Option::output("");
 QString Option::output_dir;
 QStringList Option::before_user_vars;
 QStringList Option::after_user_vars;

--- End Message ---

--- Begin Message ---

To: 399984-close@bugs.debian.org
Subject: Bug#399984: fixed in qt-x11-free 3:3.3.7-3
From: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Date: Fri, 12 Jan 2007 20:32:11 +0000
Message-id: <E1H5T4N-0000W2-3o@ries.debian.org>

Source: qt-x11-free
Source-Version: 3:3.3.7-3

We believe that the bug you reported is fixed in the latest version of
qt-x11-free, which is due to be installed in the Debian FTP archive:

libqt3-compat-headers_3.3.7-3_i386.deb
  to pool/main/q/qt-x11-free/libqt3-compat-headers_3.3.7-3_i386.deb
libqt3-headers_3.3.7-3_i386.deb
  to pool/main/q/qt-x11-free/libqt3-headers_3.3.7-3_i386.deb
libqt3-i18n_3.3.7-3_all.deb
  to pool/main/q/qt-x11-free/libqt3-i18n_3.3.7-3_all.deb
libqt3-mt-dev_3.3.7-3_i386.deb
  to pool/main/q/qt-x11-free/libqt3-mt-dev_3.3.7-3_i386.deb
libqt3-mt-ibase_3.3.7-3_i386.deb
  to pool/main/q/qt-x11-free/libqt3-mt-ibase_3.3.7-3_i386.deb
libqt3-mt-mysql_3.3.7-3_i386.deb
  to pool/main/q/qt-x11-free/libqt3-mt-mysql_3.3.7-3_i386.deb
libqt3-mt-odbc_3.3.7-3_i386.deb
  to pool/main/q/qt-x11-free/libqt3-mt-odbc_3.3.7-3_i386.deb
libqt3-mt-psql_3.3.7-3_i386.deb
  to pool/main/q/qt-x11-free/libqt3-mt-psql_3.3.7-3_i386.deb
libqt3-mt-sqlite_3.3.7-3_i386.deb
  to pool/main/q/qt-x11-free/libqt3-mt-sqlite_3.3.7-3_i386.deb
libqt3-mt_3.3.7-3_i386.deb
  to pool/main/q/qt-x11-free/libqt3-mt_3.3.7-3_i386.deb
qt-x11-free-dbg_3.3.7-3_i386.deb
  to pool/main/q/qt-x11-free/qt-x11-free-dbg_3.3.7-3_i386.deb
qt-x11-free_3.3.7-3.diff.gz
  to pool/main/q/qt-x11-free/qt-x11-free_3.3.7-3.diff.gz
qt-x11-free_3.3.7-3.dsc
  to pool/main/q/qt-x11-free/qt-x11-free_3.3.7-3.dsc
qt3-apps-dev_3.3.7-3_i386.deb
  to pool/main/q/qt-x11-free/qt3-apps-dev_3.3.7-3_i386.deb
qt3-assistant_3.3.7-3_i386.deb
  to pool/main/q/qt-x11-free/qt3-assistant_3.3.7-3_i386.deb
qt3-designer_3.3.7-3_i386.deb
  to pool/main/q/qt-x11-free/qt3-designer_3.3.7-3_i386.deb
qt3-dev-tools-compat_3.3.7-3_i386.deb
  to pool/main/q/qt-x11-free/qt3-dev-tools-compat_3.3.7-3_i386.deb
qt3-dev-tools-embedded_3.3.7-3_i386.deb
  to pool/main/q/qt-x11-free/qt3-dev-tools-embedded_3.3.7-3_i386.deb
qt3-dev-tools_3.3.7-3_i386.deb
  to pool/main/q/qt-x11-free/qt3-dev-tools_3.3.7-3_i386.deb
qt3-doc_3.3.7-3_all.deb
  to pool/main/q/qt-x11-free/qt3-doc_3.3.7-3_all.deb
qt3-examples_3.3.7-3_all.deb
  to pool/main/q/qt-x11-free/qt3-examples_3.3.7-3_all.deb
qt3-linguist_3.3.7-3_i386.deb
  to pool/main/q/qt-x11-free/qt3-linguist_3.3.7-3_i386.deb
qt3-qtconfig_3.3.7-3_i386.deb
  to pool/main/q/qt-x11-free/qt3-qtconfig_3.3.7-3_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 399984@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org> (supplier of updated qt-x11-free package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 12 Jan 2007 18:44:53 +0100
Source: qt-x11-free
Binary: libqt3-i18n qt3-apps-dev libqt3-mt-sqlite qt-x11-free-dbg qt3-assistant qt3-examples qt3-doc libqt3-headers libqt3-mt-mysql libqt3-mt libqt3-mt-odbc libqt3-compat-headers qt3-dev-tools-embedded qt3-dev-tools libqt3-mt-ibase qt3-designer qt3-linguist qt3-qtconfig qt3-dev-tools-compat libqt3-mt-dev libqt3-mt-psql
Architecture: source i386 all
Version: 3:3.3.7-3
Distribution: unstable
Urgency: low
Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Changed-By: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Description: 
 libqt3-compat-headers - Qt 1.x and 2.x compatibility includes
 libqt3-headers - Qt3 header files
 libqt3-i18n - i18n files for Qt3 library
 libqt3-mt  - Qt GUI Library (Threaded runtime version), Version 3
 libqt3-mt-dev - Qt development files (Threaded)
 libqt3-mt-ibase - InterBase/FireBird database driver for Qt3 (Threaded)
 libqt3-mt-mysql - MySQL database driver for Qt3 (Threaded)
 libqt3-mt-odbc - ODBC database driver for Qt3 (Threaded)
 libqt3-mt-psql - PostgreSQL database driver for Qt3 (Threaded)
 libqt3-mt-sqlite - SQLite database driver for Qt3 (Threaded)
 qt-x11-free-dbg - debugging symbols for qt-x11-free binaries
 qt3-apps-dev - Qt3 Developer applications development files
 qt3-assistant - The Qt3 assistant application
 qt3-designer - Qt3 Designer
 qt3-dev-tools - Qt3 development tools
 qt3-dev-tools-compat - Conversion utilities for Qt3 development
 qt3-dev-tools-embedded - Tools to develop embedded Qt applications
 qt3-doc    - Qt3 API documentation
 qt3-examples - Examples for Qt3
 qt3-linguist - The Qt3 Linguist
 qt3-qtconfig - The Qt3 Configuration Application
Closes: 399984
Changes: 
 qt-x11-free (3:3.3.7-3) unstable; urgency=low
 .
   +++ Changes by Ana Beatriz Guerrero Lopez:
 .
   * Improved debian/copyright.
   * Update Uploaders.
   * Applied patch to avoid qmake segfaulting on GNU/Hurd when no output
     file is specified. Thanks to Michael Banck. (Closes: #399984)
 .
   +++ Changes by Sune Vuorela
 .
   * Add fix to a bengali char:
    Incorrect rendering of two special symbols (U0982) and (U0983) when
    used after the consonant conjuncts comprising of the alphabet à¦° (U09B0) +
    <any other consonant> + <any dependent vowel>.
    (fix mailed from upstream to distributions)
Files: 
 278c749585f670006599ae3ae1fb613e 1844 libs optional qt-x11-free_3.3.7-3.dsc
 65a9f6c708011f4993cfd841a3f855cd 232295 libs optional qt-x11-free_3.3.7-3.diff.gz
 ec7d1bfe9db41619fbfa38d03a761aad 127194 libs optional libqt3-i18n_3.3.7-3_all.deb
 4740d918e0e24c7337679aa654ab1bb6 5426138 doc extra qt3-doc_3.3.7-3_all.deb
 93f82ac7ad3050ec8432fbfe5a55c28f 1551378 doc extra qt3-examples_3.3.7-3_all.deb
 1d1605bb36047af7b9b2cf85e7326aeb 3129510 libs optional libqt3-mt_3.3.7-3_i386.deb
 e0a36cb22414a872d0da55e55804493e 47528 libs optional libqt3-mt-mysql_3.3.7-3_i386.deb
 ec87fc5fa2c3f879ff960ae312bbe12b 68510 libs optional libqt3-mt-odbc_3.3.7-3_i386.deb
 f021a162fedbacd5f47b88095b7880e2 53580 libs optional libqt3-mt-psql_3.3.7-3_i386.deb
 5777755ef99c6482811abada19daa315 54176 libs optional libqt3-mt-ibase_3.3.7-3_i386.deb
 eb7b03751216f79106efc25c4d0951bc 197414 libs optional libqt3-mt-sqlite_3.3.7-3_i386.deb
 460fded737a6b89ed0659e63c2927013 46894 libdevel optional libqt3-mt-dev_3.3.7-3_i386.deb
 240316859a24fcc3e4ada98426e2cdde 353488 devel optional libqt3-headers_3.3.7-3_i386.deb
 c2832761aacf3a4084a7db7a4cab511f 76950 devel optional libqt3-compat-headers_3.3.7-3_i386.deb
 ac91e514373c6ba9babb26091148649e 1233970 devel optional qt3-dev-tools_3.3.7-3_i386.deb
 73e8382fa8bad7d2817037928e36d6d2 4027104 devel optional qt3-designer_3.3.7-3_i386.deb
 f3777885fd252f02f38c4210361e88df 2375046 devel optional qt3-apps-dev_3.3.7-3_i386.deb
 7aea641f512894f8de5914afc8a0ef18 334564 devel optional qt3-linguist_3.3.7-3_i386.deb
 06186f6a39cad527e33dc06bb7989314 234042 x11 optional qt3-assistant_3.3.7-3_i386.deb
 e7370760270182027a2940c2c5806ea7 93102 x11 optional qt3-qtconfig_3.3.7-3_i386.deb
 8da75905579b25460d1293321bc8f8d5 283262 devel optional qt3-dev-tools-embedded_3.3.7-3_i386.deb
 b7ac9f70f23b1988b2932dcecece22ac 64986 devel optional qt3-dev-tools-compat_3.3.7-3_i386.deb
 e2dde6ba882ea6ab4c82eb6a38107dc1 32858030 libdevel extra qt-x11-free-dbg_3.3.7-3_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Signed by Ana Guerrero

iD8DBQFFp9p/n3j4POjENGERAk8KAJ9lkY8FJFNMV6LKFKM6oTGMa7hsBQCfau9Y
RmOK5PlhB4XmM0hNyaGfkQw=
=XUsj
-----END PGP SIGNATURE-----

--- End Message ---

Reply to:

Prev by Date: qt-x11-free_3.3.7-3_i386.changes ACCEPTED
Next by Date: Processed: bug triage
Previous by thread: qt-x11-free_3.3.7-3_i386.changes ACCEPTED
Next by thread: Processed: bug triage
Index(es):
- Date
- Thread