Bug 452127 - grep segfaults when using -m and -A
Summary: grep segfaults when using -m and -A
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: grep
Version: 5.3
Hardware: i386
OS: Linux
low
medium
Target Milestone: rc
: ---
Assignee: Stepan Kasal
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-06-19 15:04 UTC by Bart Dopheide
Modified: 2013-04-12 19:46 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2009-05-14 07:32:34 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2009:0481 0 normal SHIPPED_LIVE grep bug fix update 2009-05-14 07:32:26 UTC

Description Bart Dopheide 2008-06-19 15:04:57 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.14) Gecko/20080404 Iceweasel/2.0.0.14 (Debian-2.0.0.14-2)

Description of problem:
I can get grep to crash (segfault) when using a certain combination of
* -m
* -A
* .*


Version-Release number of selected component (if applicable):
grep-2.5.1-54.2.el5

How reproducible:
Always


Steps to Reproduce:
1. echo -en "X\nX" | /bin/grep -m 1 -A 1 '.*X'


Actual Results:
X
Segmentation fault

Expected Results:
It should not segfault.

Additional info:

When running with grep-debuginfo-2.5.1-54.2.el5 installed and using grep:
$ echo -en "X\nX" > /tmp/testinput.txt
$ gdb /bin/grep
GNU gdb Red Hat Linux (6.5-37.el5rh)
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu"...Using host libthread_db library "/lib/libthread_db.so.1".

(gdb) run -m 1 -A 1 '.*X' /tmp/testinput.txt
Starting program: /bin/grep -m 1 -A 1 '.*X' /tmp/testinput.txt
X

Program received signal SIGSEGV, Segmentation fault.
0x001e4d89 in memchr () from /lib/libc.so.6
(gdb) bt
#0  0x001e4d89 in memchr () from /lib/libc.so.6
#1  0x08052e15 in kwsexec (kws=0x98d8ff8, 
    text=0x1 <Address 0x1 out of bounds>, size=160280578, kwsmatch=0xbf9fbadc)
    at kwset.c:509
#2  0x08055112 in EGexecute (buf=0x98db002 "X\n", size=1, 
    match_size=0xbf9fbb38, exact=0) at search.c:386
#3  0x0804a68c in prpending (lim=0x98db004 "") at grep.c:598
#4  0x0804b45d in grepfile (file=0xbf9fcc4b "/tmp/testinput.txt", 
    stats=0x805b2e0) at grep.c:846
#5  0x0804c2cd in main (argc=7, argv=0xbf9fbd14) at grep.c:1745
#6  0x0018adec in __libc_start_main () from /lib/libc.so.6
#7  0x080497f1 in _start ()
(gdb)
Comment 1 Stepan Kasal 2009-01-29 15:09:07 UTC 
The issue is fixed upstream by the following patch
https://savannah.gnu.org/patch/?3840
Comment 3 RHEL Program Management 2009-03-26 16:48:30 UTC 
This request was evaluated by Red Hat Product Management for
inclusion, but this component is not scheduled to be updated in
the current Red Hat Enterprise Linux release. If you would like
this request to be reviewed for the next minor release, ask your
support representative to set the next rhel-x.y flag to "?".
Comment 8 errata-xmlrpc 2009-05-14 07:32:34 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2009-0481.html
Note You need to log in before you can comment on or make changes to this bug.