Bug 481146
| Summary: | phosphor crashes due to derefencing NULL FILE* | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | John Sullivan <jsrhbz> | ||||
| Component: | xscreensaver | Assignee: | Mamoru TASAKA <mtasaka> | ||||
| Status: | CLOSED NEXTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | low | ||||||
| Version: | 9 | CC: | mtasaka | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2009-01-24 02:43:12 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Well, I can reproduce what you see and your proposal patch seems reasonable. I will release the modified xscreensaver, thanks. 5.08-5.fc{11,10,9} is submitted:
For F-9:
http://koji.fedoraproject.org/koji/buildinfo?buildID=79778
xscreensaver-5.08-5.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report. xscreensaver-5.08-5.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report. |
Created attachment 329709 [details] proposed fix Description of problem: When (without -pipe) the child exits, state->pipe is cleared but state->pid is not. Later on, state->pid is used to determine whether to send a message to the child (via state->pipe) it tests only the value of state->pid. This can be forced by running with -window and resizing the window between child runs (which attempts to ioctl TIOCWINSZ on the pipe). Version-Release number of selected component (if applicable): xscreensaver-extras-5.08-1.fc9.x86_64 How reproducible: The resize case, very. I think there's another semi-random crash case too though. Steps to Reproduce: 1. Run phosphor with -window 2. Resize window 3. Actual results: SEGV Expected results: No SEGV Additional info: Attached patch does two things: clear state->pid once we know the child has exited, and check state->pipe before attempting to dereference it.