Summary: Client crash on contacting metaserver, dependent on
latest version advertised by metaserver
Submitted by: jtn
Submitted on: Fri Mar 29 12:04:04 2013
Severity: 5 - Blocker
Priority: 5 - Normal
Status: In Progress
Assigned to: cazfi
Discussion Lock: Any
Operating System: GNU/Linux
Planned Release: 2.4.0-beta2, 2.5.0
Noticed my S2_4 client segfaulting shortly after choosing "Connect to Network
Turns out the version comparison (cvercmp) against what is advertised as
latest from the metaserver has a couple of bugs:
0 In cvercmp_next_subtoken(), there's no check for '\0'. In the case of a
string ending in a non-digit (such as "2.4.0-beta1+", we'll go off the end of
the array and probably segfault (unless we happen to find a digit in random
0 This is masked/compounded by another bug: in cvercmp_ver_subtokenize(),
there's a spurious +1 causing subtokens to be missed. So in "beta1+", the "1"
is skipped and we hit "+", triggering the previous bug; and when comparing
"beta1" and "beta2", we'll skip over the digits and start at '\0', which is a
non-digit and will also trigger the previous bug.
I think we've been getting away with it in 2.4.0-beta1 because the metaserver
and local strings compare equal before we do this check. So far I think only
people running development code from svn are affected. (Not sure why it hasn't
bitten me before now, to be honest.)
Unfortunately I think this will cause crashes in existing beta1 installations
when we release 2.4.0-beta2 and update the metaserver. I don't think there's
anything to be done about that, other than advise people to upgrade.
Assigning to cazfi initially as the fix will also want pushing to his cvercmp
upstream <http://www.cazfi.net/other/cvercmp.html> and I guess he'll want to
handle pulling the new version into Freeciv; however, I will commit this
directly to Freeciv soon if it stalls.
Reply to this item at:
Message sent via/by Gna!
Freeciv-dev mailing list