Bug 483181

Summary: msggrep segfaults when $ anchor is used
Product: [Fedora] Fedora
Component: gettext
Reporter: Sean Flanigan <sflaniga>
Assignee: Jens Petersen <petersen>
Status: CLOSED UPSTREAM
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium
Priority: low
Version: 11
CC: i18n-bugs, petersen
Target Milestone: ---
Keywords: i18n, MoveUpstream
Target Release: ---
Hardware: All
OS: Linux
URL: https://savannah.gnu.org/bugs/index.php?25437
Doc Type: Bug Fix
Last Closed: 2009-10-27 06:25:41 UTC

Description Sean Flanigan 2009-01-30 02:31:21 UTC
Description of problem:
msggrep segfaults when $ anchor is used in regex

Version-Release number of selected component (if applicable):
0.17-4.fc9

How reproducible:
About 15 out of 16 runs.

Steps to Reproduce:
1. echo a=b | msggrep -P -K -e '^a$'
  
Actual results:
Segmentation fault (15/16 runs) or 
no matches (1/16 runs)

Expected results:
One matching string

Additional info:
May be connected to https://savannah.gnu.org/bugs/index.php?25437.  (My locally compiled gettext-0.17 doesn't segfault, but never returns the expected matches.)

Comment 1 Jens Petersen 2009-01-30 05:05:57 UTC
Here is a gdb backtrace:

$ cat > /tmp/test.properties
a=b
$ sudo debuginfo-install gettext glibc
$ gdb msggrep
GNU gdb Fedora (6.8-29.fc10)
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu"...
(gdb) set args -P -K -E -e ^a\$ ~/tmp/test.properties
(gdb) r
Starting program: /usr/bin/msggrep -P -K -E -e ^a\$ ~/tmp/test.properties

Program received signal SIGSEGV, Segmentation fault.
dfaexec (d=0x61a0c8, begin=0x61a8b0 "a", size=<value optimized out>, 
    backref=0x7fffffffd49c) at dfa.c:2833
2833			s = t[*p++];
(gdb) bt
#0  dfaexec (d=0x61a0c8, begin=0x61a8b0 "a", size=<value optimized out>, 
    backref=0x7fffffffd49c) at dfa.c:2833
#1  0x0000000000404336 in EGexecute (compiled_pattern=0x61a0c0, 
    buf=0x61a8b0 "a", buf_size=1, match_size=0x7fffffffd4f0, exact=false)
    at m-regex.c:362
#2  0x0000000000402425 in is_string_selected (grep_pass=<value optimized out>, 
    str=0x352873c4c8 "double free or corruption (fasttop)", len=6407344)
    at msggrep.c:672
#3  0x00000000004032fb in is_message_selected_no_invert (mp=0x61d8b0)
    at msggrep.c:703
#4  0x00000000004035cf in is_message_selected (mp=0x352896da00)
    at msggrep.c:807
#5  0x0000003529a0858b in message_list_remove_if_not (mlp=0x61a740, 
    predicate=0x4035c0 <is_message_selected>) at message.c:410
#6  0x0000000000402fb2 in process_message_list () at msggrep.c:824
#7  process_msgdomain_list () at msggrep.c:834
#8  main (argc=7, argv=0x7fffffffe708) at msggrep.c:465

Comment 3 Bug Zapper 2009-06-09 10:58:30 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 11 development cycle.
Changing version to '11'.

More information and reason for this action is here:
http://fedoraproject.org/wiki/BugZappers/HouseKeeping

Comment 5 Jens Petersen 2009-10-27 06:25:41 UTC
Probably still not fixed in git

http://git.savannah.gnu.org/cgit/gettext.git/log/gettext-tools/src/msggrep.c

but I am going to close this for now since it is reported upstream:

http://savannah.gnu.org/bugs/?25437