Bug#774135: mc: segfault for SFTP VFS

2015-05-06 Thread Denis Briand 
tags 774135 - moreinfo
forwarded 774135 https://www.midnight-commander.org/ticket/3456
thanks

Many thanks Thorsten for these infos.
I prefere to forward this bug to upstream team.
Best regards

Denis Briand


signature.asc
Description: Digital signature

Bug#774135: mc: segfault for SFTP VFS

2015-02-17 Thread Thorsten Glaser 
tags 774135 - unreproducible
thanks

 It works fine on my sid amd64 config.

After further analysis, I can reconfirm this bug exists
in Debian/x32 sid, but not in Debian/i386 sid or Debian/amd64 sid.

I’ll track this down further.

bye,
//mirabilos
-- 
tarent solutions GmbH
Rochusstraße 2-4, D-53123 Bonn • http://www.tarent.de/
Tel: +49 228 54881-393 • Fax: +49 228 54881-235
HRB 5168 (AG Bonn) • USt-ID (VAT): DE122264941
Geschäftsführer: Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steeg


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#774135: mc: segfault for SFTP VFS

2015-02-17 Thread Thorsten Glaser 
severity 774135 important
thanks

Dixi quod…

 I’ll track this down further.

OK, we have a honest code bug (typescript first, analysis below):

tglase@tglase:~ $ gdb /usr/bin/mc.distrib  ~/core
GNU gdb (Debian 7.7.1+dfsg-5) 7.7.1
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type show copying
and show warranty for details.
This GDB was configured as x86_64-linux-gnux32.
Type show configuration for configuration details.
For bug reporting instructions, please see:
http://www.gnu.org/software/gdb/bugs/.
Find the GDB manual and other documentation resources online at:
http://www.gnu.org/software/gdb/documentation/.
For help, type help.
Type apropos word to search for commands related to word...
Reading symbols from /usr/bin/mc.distrib...done.
BFD: Warning: /home/tglase/core is truncated: expected core file size = 
1744896, found: 1736704.
[New LWP 22766]
[Thread debugging using libthread_db enabled]
Using host libthread_db library /lib/x86_64-linux-gnux32/libthread_db.so.1.
Core was generated by `/usr/bin/mc -d'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0xf77a0513 in sftpfs_cb_open_connection (super=optimized out, 
vpath=optimized out,
vpath_element=optimized out) at vfs_subclass.c:114
114 vpath_element-class-verrno = mcerror-code;
(gdb) bt
#0  0xf77a0513 in sftpfs_cb_open_connection (super=optimized out, 
vpath=optimized out,
vpath_element=optimized out) at vfs_subclass.c:114
#1  0xf775e839 in vfs_s_get_path (vpath=vpath@entry=0xf97ae880, 
archive=archive@entry=0xff95bec8,
flags=flags@entry=0) at direntry.c:1147
#2  0xf775ecfb in vfs_s_inode_from_path (vpath=vpath@entry=0xf97ae880, 
flags=flags@entry=5)
at direntry.c:380
#3  0xf775eeb1 in vfs_s_opendir (vpath=optimized out) at direntry.c:409
#4  0xf775ef18 in vfs_s_chdir (vpath=optimized out) at direntry.c:477
#5  0xf7728ac1 in mc_chdir (vpath=vpath@entry=0xf9797f90) at interface.c:685
#6  0xf7735f53 in _do_panel_cd (panel=optimized out, 
new_dir_vpath=0xf9797f90, cd_type=optimized out)
at panel.c:3179
#7  0xf7736afc in do_panel_cd (panel=optimized out, new_dir_vpath=optimized 
out,
cd_type=optimized out) at panel.c:4535
#8  0xf77380bd in do_cd (new_dir_vpath=new_dir_vpath@entry=0xf9797f90, 
exact=exact@entry=cd_parse_command)
at panel.c:4934
#9  0xf77181bb in do_cd_command (orig_cmd=optimized out) at command.c:445
#10 0xf771865f in enter (lc_cmdline=optimized out) at command.c:263
#11 command_callback (w=optimized out, sender=optimized out, msg=optimized 
out,
parm=optimized out, data=optimized out) at command.c:355
#12 0xf7731e2c in send_message (data=0x0, parm=10, msg=MSG_KEY, sender=0x0, 
w=optimized out)
at ../../lib/widget/widget-common.h:167
#13 midnight_callback (w=optimized out, sender=optimized out, 
msg=optimized out,
parm=optimized out, data=optimized out) at midnight.c:1469
#14 0xf7719eeb in send_message (data=0x0, parm=10, msg=MSG_KEY, sender=0x0, 
w=0xf9797fc0)
at ../../lib/widget/widget-common.h:167
#15 dlg_key_event (d_key=10, h=optimized out) at dialog.c:504
#16 dlg_process_event (h=optimized out, key=10, event=optimized out) at 
dialog.c:1235
#17 0xf771a581 in frontend_dlg_run (h=0xf9797fc0) at dialog.c:569
#18 dlg_run (h=optimized out) at dialog.c:1266
#19 0xf7732ccd in create_panels_and_run_mc () at midnight.c:960
#20 do_nc () at midnight.c:1753
#21 0xf770d147 in main (argc=1, argv=0xff95c394) at main.c:414
(gdb) print mcerror
$1 = (GError *) 0x0
(gdb) list sftpfs_cb_open_connection
87   */
88
89  static int
90  sftpfs_cb_open_connection (struct vfs_s_super *super,
91 const vfs_path_t * vpath, const 
vfs_path_element_t * vpath_element)
92  {
93  GError *mcerror = NULL;
94  sftpfs_super_data_t *sftpfs_super_data;
95  int ret_value;
96
(gdb)
97  (void) vpath;
98
99  if (vpath_element-host == NULL || *vpath_element-host == '\0')
100 {
101 vfs_print_message (_(sftp: Invalid host name.));
102 vpath_element-class-verrno = EPERM;
103 return -1;
104 }
105
106 sftpfs_super_data = g_new0 (sftpfs_super_data_t, 1);
(gdb)
107 sftpfs_super_data-original_connection_info = 
vfs_path_element_clone (vpath_element);
108 super-data = sftpfs_super_data;
109 super-path_element = vfs_path_element_clone (vpath_element);
110
111 sftpfs_fill_connection_data_from_config (super, mcerror);
112 if (mc_error_message (mcerror))
113 {
114 vpath_element-class-verrno = mcerror-code;
115 return -1;
116 }


The thing is: mc_error_message free()s mcerror afterwards,
so this is a genuine use-after-free bug.

bye,
//mirabilos
-- 
Sometimes they [people] care too much: pretty

Bug#774135: mc: segfault for SFTP VFS

2015-02-17 Thread Thorsten Glaser 
tags 774135 - unreproducible moreinfo
thanks

On Tue, 17 Feb 2015, Denis Briand wrote:

 Try with empty .ssh/ and .config/mc/ directories.

OK, that was a good one.

I can reproduce it works without .ssh/config and
fails with one, e.g. containing:

Host *  
 HashKnownHosts no

bye,
//mirabilos
-- 
tarent solutions GmbH
Rochusstraße 2-4, D-53123 Bonn • http://www.tarent.de/
Tel: +49 228 54881-393 • Fax: +49 228 54881-235
HRB 5168 (AG Bonn) • USt-ID (VAT): DE122264941
Geschäftsführer: Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steeg


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#774135: mc: segfault for SFTP VFS

2015-02-17 Thread Denis Briand 
tags 774135 unreproducible moreinfo
severity 774135 minor
thanks 

Hello Thorsten,
Thank you for your bug report.
Sorry, but I can't reproduce this bug.
cd /sftp://user@host; into the mc command line works fine here.
I've tried to remove read access on my ~/.ssh/config
It works fine also.
Maybe you can give us more information about your configuration?
Try with empty .ssh/ and .config/mc/ directories.

Best regards

Denis Briand


signature.asc
Description: Digital signature

Bug#774135: mc: segfault for SFTP VFS

2014-12-29 Thread Thorsten Glaser 
Package: mc
Version: 3:4.8.13-3
Severity: important

I just was trying to use SFTP by entering
“cd /sftp://user@host” into the mc command line.

I got a red pop-up window saying: Error

11: sftp: an error occurred while reading ~/.ssh/config: Resource temporarily 
unavailable

Then I acknowledged it and mc segfaulted. The core dump
is not helpful due to lack of debug symbols, of course.

-- System Information:
Debian Release: 8.0
  APT prefers unreleased
  APT policy: (500, 'unreleased'), (500, 'buildd-unstable'), (500, 'unstable')
Architecture: x32 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=C, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/lksh
Init: sysvinit (via /sbin/init)

Versions of packages mc depends on:
ii  e2fslibs  1.42.12-1
ii  libc6 2.19-13
ii  libglib2.0-0  2.42.1-1
ii  libgpm2   1.20.4-6.1+b2
ii  libslang2 2.3.0-2
ii  libssh2-1 1.4.3-4
ii  mc-data   3:4.8.13-3

Versions of packages mc recommends:
ii  mime-support  3.57
ii  perl  5.20.1-4
ii  unzip 6.0-13

Versions of packages mc suggests:
ii  arj  3.10.22-12
ii  bzip21.0.6-7+b2
pn  dbview   none
pn  djvulibre-binnone
ii  file 1:5.21+15-1
pn  genisoimage  none
pn  gv   none
ii  imagemagick  8:6.8.9.9-4
pn  links | w3m | lynx   none
ii  mupdf [pdf-viewer]   1.6-1
pn  odt2txt  none
ii  okular [pdf-viewer]  4:4.14.2-2
ii  poppler-utils0.26.5-2
ii  python   2.7.8-2
pn  python-boto  none
ii  python-tz2012c+dfsg-0.1
ii  texlive-binaries 2014.20140926.35254-4
ii  zip  3.0-8

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org