Bug 1169022
| Summary: | [abrt] wget: ftp_expected_bytes(): wget killed by SIGSEGV | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Robert Hancock <hancockrwd> | ||||||||||||||||||||||||||
| Component: | wget | Assignee: | Tomáš Hozza <thozza> | ||||||||||||||||||||||||||
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||||||||||||||||||||||
| Severity: | unspecified | Docs Contact: | |||||||||||||||||||||||||||
| Priority: | unspecified | ||||||||||||||||||||||||||||
| Version: | 20 | CC: | frigoris.ma, gajownik, micah, thozza | ||||||||||||||||||||||||||
| Target Milestone: | --- | ||||||||||||||||||||||||||||
| Target Release: | --- | ||||||||||||||||||||||||||||
| Hardware: | x86_64 | ||||||||||||||||||||||||||||
| OS: | Unspecified | ||||||||||||||||||||||||||||
| URL: | https://retrace.fedoraproject.org/faf/reports/bthash/32e6ec412f086171a05541c82485094bf271bbef | ||||||||||||||||||||||||||||
| Whiteboard: | abrt_hash:833e586dade657e59cf7069af7c8cdc0d853162d | ||||||||||||||||||||||||||||
| Fixed In Version: | wget-1.16.1-2.fc21 | Doc Type: | Bug Fix | ||||||||||||||||||||||||||
| Doc Text: | Story Points: | --- | |||||||||||||||||||||||||||
| Clone Of: | Environment: | ||||||||||||||||||||||||||||
| Last Closed: | 2014-12-20 08:47:21 UTC | Type: | --- | ||||||||||||||||||||||||||
| Regression: | --- | Mount Type: | --- | ||||||||||||||||||||||||||
| Documentation: | --- | CRM: | |||||||||||||||||||||||||||
| Verified Versions: | Category: | --- | |||||||||||||||||||||||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||||||||||||||||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||||||||||||||||||||||
| Embargoed: | |||||||||||||||||||||||||||||
| Attachments: |
|
||||||||||||||||||||||||||||
|
Description
Robert Hancock
2014-11-29 03:26:17 UTC
Created attachment 962633 [details]
File: backtrace
Created attachment 962634 [details]
File: cgroup
Created attachment 962635 [details]
File: core_backtrace
Created attachment 962636 [details]
File: dso_list
Created attachment 962637 [details]
File: environ
Created attachment 962638 [details]
File: exploitable
Created attachment 962639 [details]
File: limits
Created attachment 962640 [details]
File: maps
Created attachment 962641 [details]
File: open_fds
Created attachment 962642 [details]
File: proc_pid_status
Created attachment 962643 [details]
File: var_log_messages
Created attachment 968903 [details]
Prevent null pointer dereferencing when calling ftp_expected_bytes()
Hi, any news on this bug? I also got this segfaults during FTP download when the network is choppy at times.
It appears to be caused by dereferencing a null pointer, as a result of not checking a return value for an exception. I think the patch should fix it (at least preventing this particular crash). I've done some extremely rudimentary checks -- basically simulating a "pulling the cable plug" event on a virtual tunnel interface during FTP transfer -- and the patch seemed to do the work (whereas the unpatched wget build crashed). Still, I hope that expert eyes could be cast on this issue.
Hi. Thank you for proposing a patch. I didn't have time to look at the issue yet. I'll have a look at your patch. Will you post it on the wget-bug mailing list? Hi. The patch looks reasonable. I think it makes sense to dereference respline after the return value of ftp_response(). Will you send the fix to upstream? (In reply to Tomas Hozza from comment #14) > Hi. > > The patch looks reasonable. I think it makes sense to dereference respline > after the return value of ftp_response(). *is checked... (In reply to Tomas Hozza from comment #14) > Hi. > > The patch looks reasonable. I think it makes sense to dereference respline > after the return value of ftp_response(). > > Will you send the fix to upstream? Thanks for pointing me to the wget-bug list. Yes, I'm going to send it and request upstream review. Patch is now in upstream repo (git commit 26790c3); should be included with next wget release. (In reply to Cong Ma from comment #17) > Patch is now in upstream repo (git commit 26790c3); should be included with > next wget release. I saw the mail on upstream mailing list and prepared build for Fedora already yesterday, but didn't push the update. Thanks! wget-1.16.1-2.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/wget-1.16.1-2.fc20 wget-1.16.1-2.fc21 has been submitted as an update for Fedora 21. https://admin.fedoraproject.org/updates/wget-1.16.1-2.fc21 Package wget-1.16.1-2.fc21: * should fix your issue, * was pushed to the Fedora 21 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing wget-1.16.1-2.fc21' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2014-17134/wget-1.16.1-2.fc21 then log in and leave karma (feedback). wget-1.16.1-2.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report. wget-1.16.1-2.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report. |