NetBSD Problem Report #39440

From www@NetBSD.org  Sun Aug 31 20:24:25 2008
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
	by narn.NetBSD.org (Postfix) with ESMTP id D345363BC49
	for <gnats-bugs@gnats.netbsd.org>; Sun, 31 Aug 2008 20:24:25 +0000 (UTC)
Message-Id: <20080831202425.9F57F63BC30@narn.NetBSD.org>
Date: Sun, 31 Aug 2008 20:24:25 +0000 (UTC)
From: ekamperi@gmail.com
Reply-To: ekamperi@gmail.com
To: gnats-bugs@NetBSD.org
Subject: veriexecctl(8) segfaults when no argument is given
X-Send-Pr-Version: www-1.0

>Number:         39440
>Category:       bin
>Synopsis:       veriexecctl(8) segfaults when no argument is given
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Aug 31 20:25:00 +0000 2008
>Closed-Date:    Sun Aug 31 23:40:47 +0000 2008
>Last-Modified:  Sun Aug 31 23:40:47 +0000 2008
>Originator:     Stathis Kamperis
>Release:        NetBSD-4.99.72
>Organization:
>Environment:
NetBSD netbsd 4.99.72 NetBSD 4.99.72 (MYGENERIC) #0: Fri Aug 29 22:49:53 EEST 2008  root@netbsd:/usr/obj/sys/arch/i386/compile/MYGENERIC i386

>Description:
veriexecctl(8) segfaults when no argument is given.
Here is the backtrace:


[stathis@netbsd /usr/src/sbin/veriexecctl] sudo gdb ./veriexecctl
GNU gdb 6.5
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386--netbsdelf"...
(gdb) r
Starting program: /usr/src/sbin/veriexecctl/veriexecctl

Program received signal SIGSEGV, Segmentation fault.
0xbbb9959a in strcasecmp () from /lib/libc.so.12
(gdb) bt
#0  0xbbb9959a in strcasecmp () from /lib/libc.so.12
#1  0x0804acb9 in main (argc=0, argv=Cannot access memory at address 0x4
) at veriexecctl.c:236
(gdb)


When no argument is given, getopt() returns -1, the `default' label isn't executed, usage() isn't executed either, execution continues and
later on strcasecmp() tries to access argv[0] which corresponds to the initial argv[1] since it was augmented by 1 in line 228: argv += optind (optind is initialized to 1 according to getopt(3) man page). 

>How-To-Repeat:
Just run veriexecctl with no argument given
>Fix:
I attach a patch that fixes the problem.
Since we are here, remove also some whitespace.

Index: veriexecctl.c
===================================================================
RCS file: /cvsroot/src/sbin/veriexecctl/veriexecctl.c,v
retrieving revision 1.31
diff -u -r1.31 veriexecctl.c
--- veriexecctl.c       15 Feb 2008 15:33:56 -0000      1.31
+++ veriexecctl.c       31 Aug 2008 12:42:55 -0000
@@ -2,7 +2,7 @@

 /*-
 * Copyright 2005 Elad Efrat <elad@NetBSD.org>
- * Copyright 2005 Brett Lymn <blymn@netbsd.org>
+ * Copyright 2005 Brett Lymn <blymn@netbsd.org>
 *
 * All rights reserved.
 *
@@ -144,7 +144,7 @@
        v = dict_getd(qp, "fp");
       for (i = 0; i < prop_data_size(prop_dictionary_get(qp, "fp")); i++)
               printf("%02x", v[i] & 0xff);
-       printf("\n");
+       printf("\n");
 }

 static char *
@@ -226,6 +226,8 @@

       argc -= optind;
       argv += optind;
+        if (argc == 0)
+            usage();

       if ((gfd = open(VERIEXEC_DEVICE, O_RDWR, 0)) == -1)
               err(1, "Cannot open `%s'", VERIEXEC_DEVICE);

>Release-Note:

>Audit-Trail:
From: "David A. Holland" <dholland@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/39440 CVS commit: src/sbin/veriexecctl
Date: Sun, 31 Aug 2008 23:35:04 +0000 (UTC)

 Module Name:	src
 Committed By:	dholland
 Date:		Sun Aug 31 23:35:04 UTC 2008

 Modified Files:
 	src/sbin/veriexecctl: veriexecctl.c

 Log Message:
 Don't dump core if given no arguments. Fixes PR 39440 from Stathis Kamperis
 (but with a different patch).


 To generate a diff of this commit:
 cvs rdiff -r1.31 -r1.32 src/sbin/veriexecctl/veriexecctl.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: "David A. Holland" <dholland@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/39440 CVS commit: src/sbin/veriexecctl
Date: Sun, 31 Aug 2008 23:37:45 +0000 (UTC)

 Module Name:	src
 Committed By:	dholland
 Date:		Sun Aug 31 23:37:45 UTC 2008

 Modified Files:
 	src/sbin/veriexecctl: veriexecctl.c veriexecctl.h veriexecctl_conf.l
 	    veriexecctl_parse.y

 Log Message:
 Remove trailing whitespace. Noted in PR 39440 by Stathis Kamperis.


 To generate a diff of this commit:
 cvs rdiff -r1.32 -r1.33 src/sbin/veriexecctl/veriexecctl.c
 cvs rdiff -r1.10 -r1.11 src/sbin/veriexecctl/veriexecctl.h
 cvs rdiff -r1.11 -r1.12 src/sbin/veriexecctl/veriexecctl_conf.l
 cvs rdiff -r1.24 -r1.25 src/sbin/veriexecctl/veriexecctl_parse.y

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: open->closed
State-Changed-By: dholland@NetBSD.org
State-Changed-When: Sun, 31 Aug 2008 23:40:47 +0000
State-Changed-Why:
Fixed, thanks!


>Unformatted:
NetBSD Home
NetBSD PR Database Search
(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.