On Tue, Oct 30, 2012 at 08:59:27PM +0100, Juan Francisco Cantero Hurtado wrote:

> On Tue, Oct 30, 2012 at 09:31:58AM +0100, Otto Moerbeek wrote:
> > On Mon, Oct 29, 2012 at 06:43:13PM +0100, Juan Francisco Cantero Hurtado 
> > wrote:
> > 
> > > Chris Cappuccio sent me a mail saying he can't see the characters, only
> > > a question mark.
> > > 
> > > I'm linking each character to their wikipedia page, so you can
> > > copy-paste the character.
> > > 
> > > On Thu, Oct 25, 2012 at 05:07:34AM +0200, Juan Francisco Cantero Hurtado 
> > > wrote:
> > > > This afternoon I was downloading a tarball from a OpenBSD mirror. I
> > > > press the key "º" and then the tab key. ftp crashed with a segfault.
> > 
> > Please also include your environment settings. It is likely locale
> > plays a role here.
> > 
> > At least env | grep LC
> > 
> 
> I've tried the bug in amd64 without locales and also with
> LC_TIME="es_ES.ISO8859-1" LC_CTYPE="en_US.UTF-8".
> 
> The i386 system was a clean installation in a virtual machine.

I can now reproduce using a terminal that accepts more than just low ascii.

What I see is that when complete() is called the cursor position in
the EditLine struct is not what it is supposed to be, it points a
couple of bytes beyond the terminating NUL while it is supposed to
point to the NUL. That causes confusion in the scanner, getting the
argument list count wrong.

The root of the problem seems to be inside the editline lib.

Cc:ing nicm@, maybe he has a clue

        -Otto
        

> 
> > 
> > > https://en.wikipedia.org/wiki/%C2%BA
> > > > 
> > > > Steps to reproduce:
> > > > # ftp ftp.fr.openbsd.org
> > > > user and password
> > > > ascii art
> > > > ftp> cd pub/Openº    <- Here press the tab key
> > > https://en.wikipedia.org/wiki/%C2%BA
> > > > segmentation fault (core dumped)  ftp ftp.fr.openbsd.org
> > > > 
> > > > It also crashes with the letters "Á" and "Ñ".
> > > https://en.wikipedia.org/wiki/%C3%81
> > > https://en.wikipedia.org/wiki/%C3%91
> > > > 
> > > > Tested in:
> > > > - A snapshot from yesterday. i386. root account. console/ksh without
> > > >   locales.
> > > > - A snapshot from a few days ago. amd64. user. urxvt/zsh with utf8
> > > >   locales.
> > > > 
> > > > I also tested the bug in a remote session with OpenBSD 4.7 and ftp works
> > > > without problems.
> > > > 
> > > > I've updated the code of usr.bin/ftp to 2012-10-01 and 2012-01-01 and
> > > > tried both versions. ftp also crashes.
> > > > 
> > > > Backtrace:
> > > > Thread 1 (process 3436):
> > > > #0  memcpy (dst0=0x9d4160, src0=Variable "src0" is not available.
> > > > ) at /usr/src/lib/libc/string/bcopy.c:115
> > > > #1  0x000000000040432b in complete (el=Variable "el" is not available.
> > > > ) at /usr/src/usr.bin/ftp/complete.c:313
> > > > #2  0x000000000041eb84 in el_wgets (el=0x20da64800, 
> > > > nread=0x7f7ffffe3ebc) at read.c:612
> > > > #3  0x000000000041ef8d in el_gets (el=0x20da64800, nread=Variable 
> > > > "nread" is not available.
> > > > ) at eln.c:78
> > > > #4  0x000000000040e55f in cmdscanner (top=Variable "top" is not 
> > > > available.
> > > > ) at /usr/src/usr.bin/ftp/main.c:465
> > > > #5  0x000000000040eb7c in main (argc=1, argv=0x7f7ffffe4398) at 
> > > > /usr/src/usr.bin/ftp/main.c:369
> > > > 
> > > > Let me know if more info or whatever is necessary :)
> > > > 
> > > > Cheers.
> > > > 
> > > 
> 
> -- 
> Juan Francisco Cantero Hurtado http://juanfra.info
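The failure Otto describes (a cursor offset that lands past the terminating NUL once a multibyte character such as º is on the line, so the completer's scanner miscounts arguments and memcpy reads out of bounds) comes down to two things a completion routine should never skip: deriving the byte position from the character position by walking the UTF-8 string, and clamping any externally supplied cursor to the string length before scanning. The following is an added example written for this thread; it is not ftp's complete.c or libedit's code, all function names are hypothetical, and the input line is constructed to mirror the `cd pub/Openº` case above.

```c
/* Added example (not OpenBSD ftp or libedit code): turn a wide-character
 * cursor index into a byte offset in a UTF-8 line, and clamp a possibly
 * stale cursor so the argument scanner never reads beyond the NUL.
 * All names here are hypothetical. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Byte offset of the widx-th character. Continuation bytes (10xxxxxx) are
 * skipped as part of the preceding character; the walk stops at the NUL,
 * so a cursor index that is too large can only ever yield strlen(s). */
size_t
utf8_byte_offset(const char *s, size_t widx)
{
	size_t i = 0, chars = 0;

	while (s[i] != '\0' && chars < widx) {
		i++;
		while (s[i] != '\0' && ((unsigned char)s[i] & 0xC0) == 0x80)
			i++;
		chars++;
	}
	return i;
}

/* Clamp a byte cursor supplied by the line editor to the buffer length. */
size_t
clamp_cursor(const char *s, size_t cursor)
{
	size_t len = strlen(s);

	return cursor > len ? len : cursor;
}

/* Count whitespace-separated arguments in s[0..cursor) and report where the
 * word under the cursor begins: the two values a completer needs before it
 * copies anything. Returns the argument count. */
int
scan_args(const char *s, size_t cursor, size_t *word_start)
{
	size_t i, start = 0;
	int argc = 0, inword = 0;

	cursor = clamp_cursor(s, cursor);
	for (i = 0; i < cursor; i++) {
		if (s[i] == ' ' || s[i] == '\t') {
			inword = 0;
		} else if (!inword) {
			inword = 1;
			start = i;
			argc++;
		}
	}
	if (!inword)
		start = cursor;	/* cursor right after a separator: empty word */
	*word_start = start;
	return argc;
}

int
main(void)
{
	/* Constructed input: "cd pub/Open" followed by U+00BA (0xC2 0xBA). */
	const char line[] = "cd pub/Open\xC2\xBA";
	size_t ws;
	int argc;

	/* 12 wide characters on the line, 13 bytes; a stale cursor of 15
	 * would point two bytes past the NUL, as in the report. */
	printf("byte offset of wide cursor 12: %zu\n", utf8_byte_offset(line, 12));
	argc = scan_args(line, 15, &ws);
	printf("argc=%d word starts at byte %zu\n", argc, ws);
	return 0;
}
```

The clamp is what keeps a wrong cursor from becoming a memory-safety bug: once the scanner and the later copy both work from `min(cursor, strlen(buf))`, a mismatch between wide-character and byte positions degrades into a wrong completion rather than a crash, and the `utf8_byte_offset` walk is the conversion that should have been used in the first place.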
