Bug#774673: xfig crashes with stack smash detected when attempting to change arrow size
Hello, I had the same problem. It comes from retrieving an Xt resource into a variable of the wrong type. xfig-3.2.5.c/w_indpanel.c:1293: FirstArg(XtNradioData, which); GetValues(w); which is declared as an int (32b) whereas radioData expects an XPointer (64b). Find enclosed a patch that corrects it. I also changed some other variables from unsigned long to Pixel to follow the documentation, although both types are equal. Sincerely, -- Julien Vous n'avez rien a dire... Parlons-en! diff -ru xfig-3.2.5.c.orig/resources.c xfig-3.2.5.c/resources.c --- xfig-3.2.5.c.orig/resources.c 2015-01-08 17:53:26.0 +0100 +++ xfig-3.2.5.c/resources.c 2015-01-12 18:53:06.968120279 +0100 @@ -172,9 +172,9 @@ Pixmap fill_pm[NUMFILLPATS],fill_but_pm[NUMPATTERNS]; float fill_pm_zoom[NUMFILLPATS],fill_but_pm_zoom[NUMFILLPATS]; XColor x_fg_color, x_bg_color; -unsigned long but_fg, but_bg; -unsigned long ind_but_fg, ind_but_bg; -unsigned long mouse_but_fg, mouse_but_bg; +Pixel but_fg, but_bg; +Pixel ind_but_fg, ind_but_bg; +Pixel mouse_but_fg, mouse_but_bg; float ZOOM_FACTOR; /* assigned in main.c */ float PIC_FACTOR; /* assigned in main.c, updated in unit_panel_set() and diff -ru xfig-3.2.5.c.orig/resources.h xfig-3.2.5.c/resources.h --- xfig-3.2.5.c.orig/resources.h 2011-02-18 20:35:42.0 +0100 +++ xfig-3.2.5.c/resources.h 2015-01-12 18:53:06.968120279 +0100 
@@ -378,9 +378,9 @@ extern Pixmap fill_pm[NUMFILLPATS],fill_but_pm[NUMPATTERNS]; extern float fill_pm_zoom[NUMFILLPATS],fill_but_pm_zoom[NUMFILLPATS]; extern XColor x_fg_color, x_bg_color; -extern unsigned long but_fg, but_bg; -extern unsigned long ind_but_fg, ind_but_bg; -extern unsigned long mouse_but_fg, mouse_but_bg; +extern Pixel but_fg, but_bg; +extern Pixel ind_but_fg, ind_but_bg; +extern Pixel mouse_but_fg, mouse_but_bg; /* will contain environment variable XFIGTMPDIR, if any */ extern char*TMPDIR; diff -ru xfig-3.2.5.c.orig/w_grid.c xfig-3.2.5.c/w_grid.c --- xfig-3.2.5.c.orig/w_grid.c 2011-09-30 21:27:36.0 +0200 +++ xfig-3.2.5.c/w_grid.c 2015-01-12 18:57:31.984079710 +0100 @@ -34,7 +34,7 @@ static char null_bits[null_width * null_height / 8] = {0}; static Pixmap null_pm, grid_pm = 0; -static unsigned long bg, fg; +static Pixel bg, fg; diff -ru xfig-3.2.5.c.orig/w_indpanel.c xfig-3.2.5.c/w_indpanel.c --- xfig-3.2.5.c.orig/w_indpanel.c 2011-09-30 21:27:36.0 +0200 +++ xfig-3.2.5.c/w_indpanel.c 2015-01-12 18:53:06.968120279 +0100 @@ -1266,6 +1266,7 @@ set_arrow_size_state(Widget w, XtPointer closure, XtPointer call_data) { Boolean state; +XPointer xtwhich; int which; Pixel bg1, bg2, fg1, fg2; @@ -1290,8 +1291,9 @@ XtSetSensitive(abstoggle, state); /* which button */ -FirstArg(XtNradioData, which); +FirstArg(XtNradioData, xtwhich); GetValues(w); +which=(int)xtwhich; if (which == 1) /* multiple button, invert state */ state = !state; diff -ru xfig-3.2.5.c.orig/w_print.c xfig-3.2.5.c/w_print.c --- xfig-3.2.5.c.orig/w_print.c 2012-07-12 18:50:23.0 +0200 +++ xfig-3.2.5.c/w_print.c 2015-01-12 18:53:06.968120279 +0100 
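Review bot: In the second w_indpanel.c hunk, `which=(int)xtwhich;` converts a pointer straight to `int`, which draws a pointer-to-integer size warning on LP64 builds and hides the intent; narrowing through a pointer-width integer, `which = (int)(intptr_t)xtwhich;` (or `(int)(long)xtwhich` if the tree avoids `<stdint.h>`), makes the truncation explicit. The temporary added in the first hunk is declared `XPointer`, which is Xlib's `char *` typedef, whereas the Athena Toggle documentation types `radioData` as `XtPointer`, so `XtPointer xtwhich;` would match the resource being read. The crash in the report follows from XtGetValues storing a pointer-sized value into a 4-byte `int` on the stack, so any other `GetValues` call site that reads a pointer-typed resource into an `int` likely needs the same change; none are visible in this patch. A short comment at the declaration, `/* radioData is pointer-sized: read it into an XtPointer, then narrow */`, would keep the destination from being narrowed again. set_arrow_size_state begins before the first hunk and continues past the second.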
@@ -625,7 +625,7 @@ Widget image; Widget entry,mag_spinner, below, fitpage; Pixmap p; - unsignedlong fg, bg; + Pixel fg, bg; char *printer_val; char buf[100]; char *unit; diff -ru xfig-3.2.5.c.orig/w_rulers.c xfig-3.2.5.c/w_rulers.c --- xfig-3.2.5.c.orig/w_rulers.c 2011-09-30 21:27:36.0 +0200 +++ xfig-3.2.5.c/w_rulers.c 2015-01-12 18:53:06.968120279 +0100 @@ -1050,7 +1050,7 @@ void setup_topruler(void) { -unsigned long bg, fg; +Pixel bg, fg; XGCValues gcv; unsigned long gcmask; XFontStruct *font; @@ -1358,7 +1358,7 @@ void setup_sideruler(void) { -unsigned long bg, fg; +Pixel bg, fg; XGCValues gcv; unsigned long gcmask; XFontStruct *font; signature.asc Description: Digital signature
Bug#774673: xfig crashes with stack smash detected when attempting to change arrow size
Package: xfig Version: 1:3.2.5.c-3+b1 Severity: normal Dear Maintainer, Start xfig from a terminal, then select the `arrow' tool, then attempt to change arrow characteristics by clicking on the `thickness' button. I see in the terminal: $ xfig *** stack smashing detected ***: xfig terminated === Backtrace: = /lib/x86_64-linux-gnu/libc.so.6(+0x7303f)[0x7ff37e6d303f] /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7ff37e756147] /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x0)[0x7ff37e756110] xfig(+0xabd31)[0x7ff37fe81d31] xfig(+0xb1481)[0x7ff37fe87481] /usr/lib/x86_64-linux-gnu/libXt.so.6(XtDispatchEventToWidget+0x484)[0x7ff37f06f174] /usr/lib/x86_64-linux-gnu/libXt.so.6(+0x2287d)[0x7ff37f06f87d] /usr/lib/x86_64-linux-gnu/libXt.so.6(XtDispatchEvent+0xc9)[0x7ff37f06f959] xfig(+0x1de38)[0x7ff37fdf3e38] /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5)[0x7ff37e681b45] xfig(+0x1e1bc)[0x7ff37fdf41bc] === Memory map: 7ff37c99-7ff37c9a6000 r-xp 08:04 2226197268 /lib/x86_64-linux-gnu/libgcc_s.so.1 7ff37c9a6000-7ff37cba5000 ---p 00016000 08:04 2226197268 /lib/x86_64-linux-gnu/libgcc_s.so.1 7ff37cba5000-7ff37cba6000 rw-p 00015000 08:04 2226197268 /lib/x86_64-linux-gnu/libgcc_s.so.1 7ff37cba6000-7ff37cbab000 r-xp 08:04 151697559 /usr/lib/x86_64-linux-gnu/libXfixes.so.3.1.0 7ff37cbab000-7ff37cdaa000 ---p 5000 08:04 151697559 /usr/lib/x86_64-linux-gnu/libXfixes.so.3.1.0 7ff37cdaa000-7ff37cdab000 r--p 4000 08:04 151697559 /usr/lib/x86_64-linux-gnu/libXfixes.so.3.1.0 7ff37cdab000-7ff37cdac000 rw-p 5000 08:04 151697559 /usr/lib/x86_64-linux-gnu/libXfixes.so.3.1.0 7ff37cdac000-7ff37cdb5000 r-xp 08:04 150835319 /usr/lib/x86_64-linux-gnu/libXrender.so.1.3.0 7ff37cdb5000-7ff37cfb4000 ---p 9000 08:04 150835319 /usr/lib/x86_64-linux-gnu/libXrender.so.1.3.0 7ff37cfb4000-7ff37cfb5000 r--p 8000 08:04 150835319 /usr/lib/x86_64-linux-gnu/libXrender.so.1.3.0 7ff37cfb5000-7ff37cfb6000 rw-p 9000 08:04 150835319 /usr/lib/x86_64-linux-gnu/libXrender.so.1.3.0 7ff37cfb6000-7ff37cfc 
r-xp 08:04 150835322 /usr/lib/x86_64-linux-gnu/libXcursor.so.1.0.2 7ff37cfc-7ff37d1bf000 ---p a000 08:04 150835322 /usr/lib/x86_64-linux-gnu/libXcursor.so.1.0.2 7ff37d1bf000-7ff37d1c r--p 9000 08:04 150835322 /usr/lib/x86_64-linux-gnu/libXcursor.so.1.0.2 7ff37d1c-7ff37d1c1000 rw-p a000 08:04 150835322 /usr/lib/x86_64-linux-gnu/libXcursor.so.1.0.2 7ff37d1c1000-7ff37d1c6000 r-xp 08:04 149510812 /usr/lib/x86_64-linux-gnu/libXdmcp.so.6.0.0 7ff37d1c6000-7ff37d3c5000 ---p 5000 08:04 149510812 /usr/lib/x86_64-linux-gnu/libXdmcp.so.6.0.0 7ff37d3c5000-7ff37d3c6000 rw-p 4000 08:04 149510812 /usr/lib/x86_64-linux-gnu/libXdmcp.so.6.0.0 7ff37d3c6000-7ff37d3c9000 r-xp 08:04 152719354 /usr/lib/x86_64-linux-gnu/libXau.so.6.0.0 7ff37d3c9000-7ff37d5c8000 ---p 3000 08:04 152719354 /usr/lib/x86_64-linux-gnu/libXau.so.6.0.0 7ff37d5c8000-7ff37d5c9000 r--p 2000 08:04 152719354 /usr/lib/x86_64-linux-gnu/libXau.so.6.0.0 7ff37d5c9000-7ff37d5ca000 rw-p 3000 08:04 152719354 /usr/lib/x86_64-linux-gnu/libXau.so.6.0.0 7ff37d5ca000-7ff37d5ce000 r-xp 08:04 2305127154 /lib/x86_64-linux-gnu/libuuid.so.1.3.0 7ff37d5ce000-7ff37d7cd000 ---p 4000 08:04 2305127154 /lib/x86_64-linux-gnu/libuuid.so.1.3.0 7ff37d7cd000-7ff37d7ce000 r--p 3000 08:04 2305127154 /lib/x86_64-linux-gnu/libuuid.so.1.3.0 7ff37d7ce000-7ff37d7cf000 rw-p 4000 08:04 2305127154 /lib/x86_64-linux-gnu/libuuid.so.1.3.0 7ff37d7cf000-7ff37d7d2000 r-xp 08:04 2253906567 /lib/x86_64-linux-gnu/libdl-2.19.so 7ff37d7d2000-7ff37d9d1000 ---p 3000 08:04 2253906567 /lib/x86_64-linux-gnu/libdl-2.19.so 7ff37d9d1000-7ff37d9d2000 r--p 2000 08:04 2253906567 /lib/x86_64-linux-gnu/libdl-2.19.so 7ff37d9d2000-7ff37d9d3000 rw-p 3000 08:04 2253906567 /lib/x86_64-linux-gnu/libdl-2.19.so 7ff37d9d3000-7ff37d9f4000 r-xp 08:04 149130112 /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0 7ff37d9f4000-7ff37dbf3000 ---p 00021000 08:04 149130112 /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0 7ff37dbf3000-7ff37dbf4000 r--p 0002 08:04 149130112 /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0 
7ff37dbf4000-7ff37dbf5000 rw-p 00021000 08:04 149130112 /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0 7ff37dbf5000-7ff37dc06000 r-xp 08:04 154789414