On Sun, Apr 15, 2001 at 10:40:03AM -0700, Brian J. Murrell wrote:
> For any of you who have been seeing an inordinate number of segfaults
> on your latest Mandrake systems, libsafe-2.0-2mdk is at fault.
>
> Here is the backtrace from a given program on my system. This program
> runs just fine once I have removed libsafe from the preload list.
>
> Program received signal SIGSEGV, Segmentation fault.
> 0x400a2b8b in _IO_padn () from /lib/libc.so.6
> (gdb) where
> #0 0x400a2b8b in _IO_padn () from /lib/libc.so.6
> #1 0x40020d41 in _IO_vfprintf () from /lib/libsafe.so.2.0
> #2 0x40023da7 in vfprintf () from /lib/libsafe.so.2.0
> #3 0x4001f2ba in _IO_vfprintf () from /lib/libsafe.so.2.0
> #4 0x40023cb3 in vfprintf () from /lib/libsafe.so.2.0
> #5 0x400902f3 in fprintf () from /lib/libc.so.6
> #6 0x08049316 in readsfv (fn=0xbffff640 "Blo HBO VCD Cd2.sfv", dir=0xbffff740 ".", nocase=0) at readsfv.c:77
> #7 0x08048c1a in main (argc=0, argv=0xbffff8d8) at cksfv.c:63
> #8 0x4004e0de in __libc_start_main () from /lib/libc.so.6
>
> Maybe I will d/l libsafe 2.0 source and dig into this one. If I find
> time. :-)

Upon closer inspection, it might be a libc problem that libsafe is
tickling.

On a side note, there are some interesting features that I think would
be very useful to employ. I asked about one of them here a while ago
and nothing ever happened about it.

The Makefile for libsafe-2.0 shows the following "debugging" options:

-DDUMP_STACK to see a printout of the stack contents when a violation
    is detected (dumps to LIBSAFE_DUMP_STACK_FILE or stderr if that
    file can't be created)

This would be very useful to report back to you folks and/or package
maintainers when a stack overflow is found. Could we have this option
enabled please?

-DDUMP_CORE to create a core dump when terminating the program.

This might be alternatively useful.

-DNOTIFY_WITH_EMAIL if you wish to be notified via email of security
    violations that are caught with libsafe.

I noticed that the -2mdk version of the package does not have this
turned on. It was turned on in the 1.3 versions. This is incredibly
useful for determining the difference between stack overflow
terminations and other errors. Can we have this turned back on?

b.
--
Brian J. Murrell