Bug 361041 - yelp-2.20.0-2.fc8 crashes if an omf contains a bad url
yelp-2.20.0-2.fc8 crashes if an omf contains a bad url
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: yelp (Show other bugs)
rawhide
All Linux
low Severity low
: ---
: ---
Assigned To: Matthias Clasen
Fedora Extras Quality Assurance
:
Depends On:
Blocks: F8Target
  Show dependency treegraph
 
Reported: 2007-10-31 18:01 EDT by Will Woods
Modified: 2007-11-30 17:12 EST (History)
2 users (show)

See Also:
Fixed In Version: 2.20.0-5.fc8
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-11-15 08:14:29 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Will Woods 2007-10-31 18:01:32 EDT
virt-manager-C.omf from virt-manager-0.5.2-2.fc8 contains the following item:

[root@brinstar ~]# grep url virt-manager-C.omf 
        <identifier url="" />

This causes yelp to crash while searching, because of the following code at
yelp-search-parser.c:1075

    ptr = g_strrstr (container->base_filename, "/");

    path = g_strndup (container->base_filename,
                      ptr - container->base_filename);

The crash happens on the second line - if container->base_filename does not
contain the string "/" (like, say, if url is the empty string) then ptr will be
NULL. The subsequent g_strndup tries to allocate a ridiculous amount of memory
and subsequently dies like so:

GLib-ERROR **: gmem.c:135: failed to allocate 4150647657 bytes
aborting...

Probably yelp should check for ptr == NULL after the g_strrstr and handle that
case appropriately.
Comment 1 Matthias Clasen 2007-11-05 09:59:57 EST
With the yelp update that I built last night, this no longer crashes. 

I've filed an upstream bug to clean up that code.

Moving this bug to virt-manager to fix the docs
Comment 2 Will Woods 2007-11-05 10:09:14 EST
The virt-manager docs bug is already filed - see bug 361071. Moving back to yelp
so we can close this bug once the fix is confirmed. 

Speaking of which - I guess yelp-2.20.0-3.fc8 is the fixed package? I'll retest
with that, assuming that's what you plan to push as an update.

Oh, and thanks for moving this upstream. Figured they'd want to know about it.
Comment 3 Matthias Clasen 2007-11-05 10:14:39 EST
For reference, the upstream bug is http://bugzilla.gnome.org/show_bug.cgi?id=493751

And yes, I've just pushed an update for 2.20.0-3.fc8
Comment 4 Will Woods 2007-11-05 17:23:38 EST
That build doesn't fix this bug for me. Still crashes if I try to search in yelp
when the poisoned OMF file exists.
Comment 5 Matthias Clasen 2007-11-05 17:59:47 EST
Ah, I missed the detail that the crash happens during search
Comment 6 Fedora Update System 2007-11-06 11:03:14 EST
yelp-2.20.0-5.fc8 has been pushed to the Fedora 8 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update yelp'
Comment 7 Fedora Update System 2007-11-08 01:00:49 EST
yelp-2.20.0-5.fc8 has been pushed to the Fedora 8 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update yelp'
Comment 8 Fedora Update System 2007-11-15 08:14:28 EST
yelp-2.20.0-5.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.