Bug 361041 - yelp-2.20.0-2.fc8 crashes if an omf contains a bad url
Summary: yelp-2.20.0-2.fc8 crashes if an omf contains a bad url
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: yelp
Version: rawhide
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Matthias Clasen
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: F8Target
TreeView+ depends on / blocked
 
Reported: 2007-10-31 22:01 UTC by Will Woods
Modified: 2007-11-30 22:12 UTC (History)
2 users (show)

Fixed In Version: 2.20.0-5.fc8
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-11-15 13:14:29 UTC


Attachments (Terms of Use)

Description Will Woods 2007-10-31 22:01:32 UTC
virt-manager-C.omf from virt-manager-0.5.2-2.fc8 contains the following item:

[root@brinstar ~]# grep url virt-manager-C.omf 
        <identifier url="" />

This causes yelp to crash while searching, because of the following code at
yelp-search-parser.c:1075

    ptr = g_strrstr (container->base_filename, "/");

    path = g_strndup (container->base_filename,
                      ptr - container->base_filename);

The crash happens on the second line - if container->base_filename does not
contain the string "/" (like, say, if url is the empty string) then ptr will be
NULL. The subsequent g_strndup tries to allocate a ridiculous amount of memory
and subsequently dies like so:

GLib-ERROR **: gmem.c:135: failed to allocate 4150647657 bytes
aborting...

Probably yelp should check for ptr == NULL after the g_strrstr and handle that
case appropriately.

Comment 1 Matthias Clasen 2007-11-05 14:59:57 UTC
With the yelp update that I built last night, this no longer crashes. 

I've filed an upstream bug to clean up that code.

Moving this bug to virt-manager to fix the docs

Comment 2 Will Woods 2007-11-05 15:09:14 UTC
The virt-manager docs bug is already filed - see bug 361071. Moving back to yelp
so we can close this bug once the fix is confirmed. 

Speaking of which - I guess yelp-2.20.0-3.fc8 is the fixed package? I'll retest
with that, assuming that's what you plan to push as an update.

Oh, and thanks for moving this upstream. Figured they'd want to know about it.

Comment 3 Matthias Clasen 2007-11-05 15:14:39 UTC
For reference, the upstream bug is http://bugzilla.gnome.org/show_bug.cgi?id=493751

And yes, I've just pushed an update for 2.20.0-3.fc8

Comment 4 Will Woods 2007-11-05 22:23:38 UTC
That build doesn't fix this bug for me. Still crashes if I try to search in yelp
when the poisoned OMF file exists.

Comment 5 Matthias Clasen 2007-11-05 22:59:47 UTC
Ah, I missed the detail that the crash happens during search

Comment 6 Fedora Update System 2007-11-06 16:03:14 UTC
yelp-2.20.0-5.fc8 has been pushed to the Fedora 8 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update yelp'

Comment 7 Fedora Update System 2007-11-08 06:00:49 UTC
yelp-2.20.0-5.fc8 has been pushed to the Fedora 8 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update yelp'

Comment 8 Fedora Update System 2007-11-15 13:14:28 UTC
yelp-2.20.0-5.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.