URL:
  <http://savannah.gnu.org/bugs/?54126>

                 Summary:  Wget keeps crashing in Windows sometimes when the
filename is large enough to scroll it
                 Project: GNU Wget
            Submitted by: vyacheslav
            Submitted on: Sat 16 Jun 2018 10:43:59 PM UTC
                Category: Crash/Freeze/Infloop
                Severity: 3 - Normal
                Priority: 5 - Normal
                  Status: None
                 Privacy: Public
             Assigned to: None
         Originator Name: 
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
                 Release: 1.19.5
        Operating System: Microsoft Windows
         Reproducibility: Intermittent
           Fixed Release: None
         Planned Release: None
              Regression: None
           Work Required: None
          Patch Included: Yes

    _______________________________________________________

Details:

the last letter keeps getting repeated, while the rest of the progress bar
stops updating. 

I'm not very familiar with the Debuggers under Wine, so I'm just
added some code to progress.c, which writes to the logfile information about
the function calls
and the values of the variables in this functions:
wne-console ./wget-deb.exe http://xxx.yyy.zz -O
01234567890123456789abcdef.iso
..........
>-bar_draw(bp->f_download=01234567890123456789abcdef.iso)
    ........
    >-create_image(fName=01234567890123456789abcdef.iso)
        ........
        ........
        //offset_bytes = cols_to_bytes (bp->f_download, offset_cols,
cols_ret);
        >-cols_to_bytes(mbs=01234567890123456789abcdef.iso, cols=13)
              strlen(mbs)=30
              return 13
        <-cols_to_bytes (mbs=01234567890123456789abcdef.iso)
        offset_bytes = 13
        >-cols_to_bytes (mbs=3456789abcdef.iso, cols=19)
              strlen(mbs)=17
              return 19
        <-cols_to_bytes (mbs=3456789abcdef.iso)
        bytes_in_filename = 19 !!!!! BUT it is not!
        cols_ret = 19
        //memcpy (p, bp->f_download + offset_bytes, bytes_in_filename);
        #buffer/start=offset(13)/#         = #3456789abcdef.iso#
        padding = 0 => MAX_FILENAME_COLS - (padding + *cols_ret) [ 19 - (0 +
19)]   !!!!!! BUT must be real cols_bytes for padding!!
        space set at *p !!!!! always be at same place!
        #buffer/start=offset/padded/#      = #3456789abcdef.iso# !!!! must be
#3456789abcdef.iso #!
        .......
        .......
    <-create_image(fName=01234567890123456789abcdef.iso)
    .........
<-bar_draw(bp->f_download=01234567890123456789abcdef.iso)
..............
And again and again.  cols_to_bytes() simply returns cols , regardless length
of the string.
I think that sometimes memcpy goes beyond the boundaries of the memory
belonging to the process,
depending on the length of the string and the memory allocation for it.

some changes in cols_to_bytes() and freezes disappear, no crashes for now
yet.






    _______________________________________________________

File Attachments:


-------------------------------------------------------
Date: Sat 16 Jun 2018 10:43:59 PM UTC  Name: wget-version.txt  Size: 2KiB  
By: vyacheslav

<http://savannah.gnu.org/bugs/download.php?file_id=44376>
-------------------------------------------------------
Date: Sat 16 Jun 2018 10:43:59 PM UTC  Name: progress-win32.patch  Size: 384B 
 By: vyacheslav

<http://savannah.gnu.org/bugs/download.php?file_id=44377>

    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?54126>

_______________________________________________
  Message sent via Savannah
  https://savannah.gnu.org/


Reply via email to