tags 276103 patch
tags 276103 - help
thanks
On Thu, May 05, 2005 at 08:19:00AM -0400, Stephen Gran wrote:
> This one time, at band camp, Frank Lichtenheld said:
> > On Mon, Oct 11, 2004 at 09:23:33PM -0400, Stephen Gran wrote:
> > > Since it does not happen here, with tonight's sid, I am downgrading to
> > > normal for now, and tagging. Let me know if you can dig out any
> > > additional information that may be pertinent. I would suggest
> > > rebuilding the package with debugging symbols enabled, except that all
> > > of the libraries installed will also be stripped, so it will be largely
> > > useless.
> >
> > FWIW, I can fully reproduce both SEGV mentioned in this bug report.
> > Any hints for where to start digging into this?
>
> Well, the original crash (on save) is in kcdlabel/kcdlabel.cpp, in the
> function KCDLabel::slotFileSave, and the write begins on about line 477.
[...]
> The cddb crash is kcdlabel/cddbaccessdialog.cpp, I believe, and if it
> crashes for you when you click OK, then the problem is in
> CDDBAccessDialog::CmOk, starting on line 53.
Actually a gdb backtrace on an unstripped kcdlabel pointed me to the
right locations. The following patch seems to fix both segfaults:
diff -ur kcdlabel-2.13-KDE3.bak/kcdlabel/kcoverfont.cpp
kcdlabel-2.13-KDE3/kcdlabel/kcoverfont.cpp
--- kcdlabel-2.13-KDE3.bak/kcdlabel/kcoverfont.cpp 2003-10-27
15:59:02.000000000 +0100
+++ kcdlabel-2.13-KDE3/kcdlabel/kcoverfont.cpp 2005-05-05 15:07:20.582490928
+0200
@@ -51,9 +51,9 @@
// save the font information
QFontInfo fi(*Font);
- r1 = strlen(fi.family());
+ r1 = fi.family().length();
file.writeBlock( (char *)&r1, sizeof(int) );
- file.writeBlock( fi.family(), r1 );
+ file.writeBlock( fi.family().ascii(), r1 );
r1 = fi.pointSize();
file.writeBlock( (char *)&r1, sizeof(int) );
r1 = fi.weight();
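Review bot: the length prefix and the bytes written now come from two different views of the string: `r1` is `fi.family().length()` (a character count) while the data is `fi.family().ascii()`. If the 8-bit conversion is ever a different length than the character count, the prefix no longer matches what follows in the file. Suggest converting once into a local, taking the length from that converted buffer, and passing the same buffer to `writeBlock`, which also avoids calling `fi.family()` twice.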
diff -ur kcdlabel-2.13-KDE3.bak/kcdlabel/psocket.cpp
kcdlabel-2.13-KDE3/kcdlabel/psocket.cpp
--- kcdlabel-2.13-KDE3.bak/kcdlabel/psocket.cpp 2005-03-01 08:26:27.000000000
+0100
+++ kcdlabel-2.13-KDE3/kcdlabel/psocket.cpp 2005-05-05 14:39:17.423370008
+0200
@@ -102,11 +102,11 @@
/** write a block of data of maximum len bytes */
int PSocket::writeBlock(char * buffer, int len)
{
- char *msg = NULL;
+ char *msg = (char*)malloc(len+2);
if ( State!=StateType(CONNECTED))
return -1;
- snprintf(msg, len, "%s\n", buffer);
+ snprintf(msg, len+1, "%s\n", buffer);
// int r = send(sockfd, buffer, len, MSG_NOSIGNAL );
fprintf(sk, "%s\n", msg);
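Review bot: the `malloc(len+2)` at the top of `PSocket::writeBlock` runs before the `State` check, so the early `return -1` leaks `msg`; move the allocation below the check, test the result for NULL, and free `msg` after the `fprintf` (no `free` appears in the visible lines). The bound passed to `snprintf` is also off: with `len+1`, a `buffer` of `len` characters has its `"\n"` truncated, while the buffer was sized `len+2`, so either pass `len+2` or drop the `\n` from the format, since the `fprintf` below adds one anyway. Note too that `%s` stops at the first NUL, so this only handles NUL-terminated text, not an arbitrary block of `len` bytes as the comment describes.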
But given the quality of the code I've seen during my search I would
really recommend removing this package instead. The whole thing just
screams for segfaults and I doubt these were the last to be found...
Gruesse,
--
Frank Lichtenheld <[EMAIL PROTECTED]>
www: http://www.djpig.de/