Ticket #3606 (closed defect: fixed)
[BUG] segfault on SHELL=bash
| Reported by: | and | Owned by: | andrew_b |
|---|---|---|---|
| Priority: | major | Milestone: | 4.8.17 |
| Component: | mc-core | Version: | 4.8.16 |
| Keywords: | Cc: | ||
| Blocked By: | Blocking: | ||
| Branch state: | merged | Votes for changeset: | committed-master |
Description
When using non-path SHELL variable like
$ SHELL=bash /usr/bin/mc
we will hit segfault at
==18747==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7ff92915602d bp 0x7ff92a327300 sp 0x7ffdcd67b698 T0)
#0 0x7ff92915602c (/lib64/libc.so.6+0x9e02c)
#1 0x44d865 in __interceptor_strstr (/usr/bin/mc+0x44d865)
#2 0x7ff92a233dd6 in mc_shell_recognize_and_fill_type /tmp/portage/app-misc/mc-9999/work/mc-9999/lib/shell.c:151:52
#3 0x7ff92a233dd6 in mc_shell_init /tmp/portage/app-misc/mc-9999/work/mc-9999/lib/shell.c:233
#4 0x4f7b92 in OS_Setup /tmp/portage/app-misc/mc-9999/work/mc-9999/src/main.c:128:5
#5 0x4f7b92 in main /tmp/portage/app-misc/mc-9999/work/mc-9999/src/main.c:250
#6 0x7ff9290d88fb in __libc_start_main (/lib64/libc.so.6+0x208fb)
#7 0x427148 in _start (/usr/bin/mc+0x427148)
root cause is not checking null case when filling mc_shell->real_path variable from mc_realpath()/realpath().
Change History
comment:2 Changed 9 years ago by andrew_b
- Version changed from master to 4.8.16
- Milestone changed from Future Releases to 4.8.17
Branch: 3606_shell_segfault
changeset:c53e8d1afa67fbf4db74c6d1ddd3a185b42f0704
comment:3 Changed 9 years ago by zaytsev
- Votes for changeset set to zaytsev
- Branch state changed from no branch to approved
comment:4 Changed 9 years ago by andrew_b
- Status changed from accepted to testing
- Votes for changeset changed from zaytsev to committed-master
- Resolution set to fixed
- Branch state changed from approved to merged
Merged to master: [787cea240feef1392741be1043fd7bf18f0d7c48].
git log --pretty=oneline b678d3b..787cea2
Note: See
TracTickets for help on using
tickets.
