Bug 1177672

Summary: [abrt] perl: yyparse(): a2p killed by SIGSEGV
Product: [Fedora] Fedora Reporter: Laszlo Kokai <bugzilla>
Component: perlAssignee: Jitka Plesnikova <jplesnik>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 20CC: cweyl, iarnell, jplesnik, kasal, perl-devel, ppisar, psabata, rc040203, tcallawa
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
URL: https://retrace.fedoraproject.org/faf/reports/bthash/dcf41ff2ca3bcfccf1b4103ada30ddaabc482717
Whiteboard: abrt_hash:d7e65aecf8784f8fdf78f19916aabe70628b8213
Fixed In Version: perl-5.18.4-292.fc20 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-02-22 06:02:43 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
File: backtrace
none
File: cgroup
none
File: core_backtrace
none
File: dso_list
none
File: environ
none
File: exploitable
none
File: limits
none
File: maps
none
File: open_fds
none
File: proc_pid_status
none
File: var_log_messages
none
Proposed patch, implementing what I wrote in previous comment none

Description Laszlo Kokai 2014-12-29 19:14:07 UTC 
Description of problem:
python -c "print 'a'*2050"|a2p

http://www.intelligentexploit.com/view-details.html?id=20492

Version-Release number of selected component:
perl-5.16.3-266.fc19

Additional info:
reporter:       libreport-2.2.2
backtrace_rating: 4
cmdline:        a2p
crash_function: yyparse
executable:     /usr/bin/a2p
kernel:         3.14.23-100.fc19.x86_64
runlevel:       N 5
type:           CCpp
uid:            1000

Truncated backtrace:
Thread no. 1 (1 frames)
 #0 yyparse at y.tab.c:2880
Comment 1 Laszlo Kokai 2014-12-29 19:14:12 UTC 
Created attachment 974146 [details]
File: backtrace
Comment 2 Laszlo Kokai 2014-12-29 19:14:13 UTC 
Created attachment 974147 [details]
File: cgroup
Comment 3 Laszlo Kokai 2014-12-29 19:14:14 UTC 
Created attachment 974148 [details]
File: core_backtrace
Comment 4 Laszlo Kokai 2014-12-29 19:14:16 UTC 
Created attachment 974149 [details]
File: dso_list
Comment 5 Laszlo Kokai 2014-12-29 19:14:17 UTC 
Created attachment 974150 [details]
File: environ
Comment 6 Laszlo Kokai 2014-12-29 19:14:19 UTC 
Created attachment 974151 [details]
File: exploitable
Comment 7 Laszlo Kokai 2014-12-29 19:14:20 UTC 
Created attachment 974152 [details]
File: limits
Comment 8 Laszlo Kokai 2014-12-29 19:14:22 UTC 
Created attachment 974153 [details]
File: maps
Comment 9 Laszlo Kokai 2014-12-29 19:14:23 UTC 
Created attachment 974154 [details]
File: open_fds
Comment 10 Laszlo Kokai 2014-12-29 19:14:24 UTC 
Created attachment 974155 [details]
File: proc_pid_status
Comment 11 Laszlo Kokai 2014-12-29 19:14:26 UTC 
Created attachment 974156 [details]
File: var_log_messages
Comment 12 Petr Pisar 2015-01-02 14:45:10 UTC 
This happens even in Rawhide (perl-App-a2p-1.007-3.fc22.x86_64, perl-libs-5.20.1-315.fc22.x86_64). It starts to happen exactly since 2050 characters which are word characters.
Comment 13 Ralf Corsepius 2015-01-04 08:41:38 UTC 
I think this bug is caused by upstream having used a broken byacc to 
generate a2p.c.

Grabbing the missing yacc-source file a2p.y from upstream's git (https://github.com/Leont/app-a2p/a2p.y) and regenerating a2p.c using Fedora 21's byacc (byacc-1.9.20130925-4.fc21) seems to fix this issue for me.
Comment 14 Ralf Corsepius 2015-01-04 08:45:10 UTC 
Created attachment 975930 [details]
Proposed patch, implementing what I wrote in previous comment
Comment 15 Fedora End Of Life 2015-01-09 21:34:51 UTC 
This message is a notice that Fedora 19 is now at end of life. Fedora 
has stopped maintaining and issuing updates for Fedora 19. It is 
Fedora's policy to close all bug reports from releases that are no 
longer maintained. Approximately 4 (four) weeks from now this bug will
be closed as EOL if it remains open with a Fedora 'version' of '19'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not 
able to fix it before Fedora 19 is end of life. If you would still like 
to see this bug fixed and are able to reproduce it against a later version 
of Fedora, you are encouraged  change the 'version' to a later Fedora 
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.
Comment 16 Fedora Update System 2015-02-13 16:52:26 UTC 
perl-5.18.4-292.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/perl-5.18.4-292.fc20
Comment 17 Fedora Update System 2015-02-15 03:22:08 UTC 
Package perl-5.18.4-292.fc20:
* should fix your issue,
* was pushed to the Fedora 20 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing perl-5.18.4-292.fc20'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2015-2034/perl-5.18.4-292.fc20
then log in and leave karma (feedback).
Comment 18 Fedora Update System 2015-02-16 08:51:51 UTC 
perl-5.18.4-306.fc21 has been submitted as an update for Fedora 21.
https://admin.fedoraproject.org/updates/perl-5.18.4-306.fc21
Comment 19 Fedora Update System 2015-02-22 06:02:43 UTC 
perl-5.18.4-306.fc21 has been pushed to the Fedora 21 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 20 Fedora Update System 2015-02-23 23:24:23 UTC 
perl-5.18.4-292.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.