Bug 313281
| Summary: | gparted crashes when compiled with latest glibc | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Deji Akingunola <dakingun> | ||||
| Component: | gparted | Assignee: | Deji Akingunola <dakingun> | ||||
| Status: | CLOSED NEXTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | low | Docs Contact: | |||||
| Priority: | low | ||||||
| Version: | rawhide | CC: | jakub, jimhayward | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2007-10-30 21:08:52 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
That is a bug in gparted. See http://www.opengroup.org/onlinepubs/009695399/functions/realpath.html The buffer pointed to by second argument must be at least PATH_MAX bytes long, or the second argument to realpath must be NULL (GNU extension and upcoming POSIX version; if NULL, the buffer is malloced). Jakub, Thanks for explanation. I 'fixed' it by using NULL as the second argument, and the crash is gone. Please make sure that what realpath returned is then freed, otherwise you introduced a memory leak. Created attachment 242691 [details]
Patch
This isn't the best way to fix this since realpath(path, NULL) is a
non-standard GNU extension. Definitely not how I would consider fixing this
upstream (the upstream project appears to be dead). But since this effects the
Fedora package only, I don't really see a problem.
Thanks for the patch Jim, applied. |
Description of problem: gparted crashes at runtime when built with glibc-2.6.90-15. This crash doesn't occur with gparted built just after all the build-id changes. I'm not sure if its a glibc's bug or gparted's, just wanted to give it a shot here (bug have been filed with gparted upstream about it). Backtrace generated while running it under gdb is reproduced below. Version-Release number of selected component (if applicable): glibc-2.6.90-15 How reproducible: always Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: Program received signal SIGABRT, Aborted. [Switching to Thread 1084229968 (LWP 13286)] 0x0000003eae630b65 in *__GI_raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 64 return INLINE_SYSCALL (tgkill, 3, pid, selftid, sig); Current language: auto; currently c (gdb) bt #0 0x0000003eae630b65 in *__GI_raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 #1 0x0000003eae632610 in *__GI_abort () at abort.c:88 #2 0x0000003eae66ab8b in __libc_message (do_abort=2, fmt=0x3eae720a7d "*** %s ***: %s terminated\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:170 #3 0x0000003eae6e9522 in *__GI___fortify_fail ( msg=0x3eae720a4c "buffer overflow detected") at fortify_fail.c:32 #4 0x0000003eae6e7c40 in *__GI___chk_fail () at chk_fail.c:29 #5 0x0000003eae6e827b in __realpath_chk ( buf=0x33e3 <Address 0x33e3 out of bounds>, resolved=0x33e6 <Address 0x33e6 out of bounds>, resolvedlen=6) at realpath_chk.c:30 #6 0x000000000044fdcd in GParted::GParted_Core::init_maps ( this=<value optimized out>) at /usr/include/bits/stdlib.h:35 #7 0x000000000045024f in GParted::GParted_Core::set_devices ( this=0x7fffe43e8820, devices=@0x7fffe43e7eb8) at GParted_Core.cc:146 #8 0x000000000046bb87 in GParted::Win_GParted::thread_refresh_devices ( this=0x7fffe43e7cf0) at Win_GParted.cc:958 #9 0x0000003eb5a3358f in call_thread_entry_slot (data=<value optimized out>) at /usr/include/sigc++-2.0/sigc++/functors/slot.h:440 #10 0x0000003eb3a507e4 in g_thread_create_proxy (data=0x832210) at gthread.c:635 ---Type <return> to continue, or q <return> to quit--- #11 0x0000003eaf206447 in start_thread (arg=<value optimized out>) at pthread_create.c:297 #12 0x0000003eae6d3e5d in clone () from /lib64/libc.so.6 (gdb)