520073 – cscope gets "Segmentation fault" when a broken C syntax file is given as input

Bug 520073 - cscope gets "Segmentation fault" when a broken C syntax file is given as input

Summary: cscope gets "Segmentation fault" when a broken C syntax file is given as input

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	cscope
Sub Component:
Version:	11
Hardware:	All
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	---
Assignee:	Neil Horman
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2009-08-28 09:21 UTC by Masatake YAMATO
Modified:	2009-08-31 23:45 UTC (History)
CC List:	1 user (show)
Fixed In Version:	15.6-4.fc11
Clone Of:
Environment:
Last Closed:	2009-08-31 23:45:12 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
An input file to reproduce the bug<1> (2 bytes, text/plain) 2009-08-28 09:21 UTC, Masatake YAMATO	no flags	Details
An input file to reproduce the bug<2> (2 bytes, text/plain) 2009-08-28 09:21 UTC, Masatake YAMATO	no flags	Details
A patch fixing the bug I reported. (1.14 KB, patch) 2009-08-28 09:24 UTC, Masatake YAMATO	no flags	Details \| Diff
patch to detect lexer errors (1.83 KB, application/octet-stream) 2009-08-28 14:30 UTC, Neil Horman	no flags	Details
Show Obsolete (1) View All

Description Masatake YAMATO 2009-08-28 09:21:02 UTC

Created attachment 359035 [details]
An input file to reproduce the bug<1>

Description of problem:

cscope gets "Segmentation fault".


Version-Release number of selected component (if applicable):

rpm -qi cscope 
Name        : cscope                       Relocations: (not relocatable)
Version     : 15.6                              Vendor: Fedora Project
Release     : 3.fc11                        Build Date: Tue 24 Feb 2009 07:03:50 PM JST


How reproducible:

Run cscope with given input file
Steps to Reproduce:
1. Save attachment equal.txt and colon.txt to /tmp
2. Run cscope like $ cscope /tmp/equal.txt   (or $ cscope /tmp/colon.txt)

  
Actual results:
$ cscope /tmp/equal.txt 
cscope /tmp/equal.txt 
Building cross-reference...                                                         Segmentation fault

Expected results:

Rejecting or ignoring such broken files

Additional info:
See the attached patch to avoid the bug.

Comment 1 Masatake YAMATO 2009-08-28 09:21:53 UTC

Created attachment 359036 [details]
An input file to reproduce the bug<2>

Comment 2 Masatake YAMATO 2009-08-28 09:24:22 UTC

Created attachment 359038 [details]
A patch fixing the bug I reported.

Both rules for = and :, check a buffer (my_yytext) is allocated or not.

Comment 3 Neil Horman 2009-08-28 11:07:55 UTC

looks good, thank you!

Comment 4 Neil Horman 2009-08-28 13:14:27 UTC

wait, I'm not sure I see how we're getting into the lexer here without setting my_yytext, and your reproducer files appear empty( they're both 2 bytes long).  Can you reattach them please?

Comment 5 Masatake YAMATO 2009-08-28 13:30:13 UTC

Please use the files to reproduce the bug.

The files are not empty. They are both 2 bytes long. Even 2 bytes they are enough as input to reproduce the segv.

Comment 6 Neil Horman 2009-08-28 14:05:42 UTC

Hmm, ok I see the contents now, but I'm more hesitant to fix this now. What you've effectively done is told cscope that a non-c file is a c-file.  As a result you get bad results.  As such, I think we can probably do something here, but just checking for NULL and glossing over the problem isn't the right solution.  If we enter the processing of either of those tokens and my_yytext isn't set I think we need to abort processing, as thats a lexer error.

Comment 7 Masatake YAMATO 2009-08-28 14:17:51 UTC

I agree with you. Aborting to process the current input file is better than my patch. I will submit a patch to do so next week. Thanks.

Comment 8 Neil Horman 2009-08-28 14:30:27 UTC

Created attachment 359077 [details]
patch to detect lexer errors 

This is what I just comitted upstream and will commit to F-11 shortly.  I've verified that it fixes the errors that were reported here.

Comment 9 Masatake YAMATO 2009-08-28 14:53:18 UTC

Thanks. I'll test at home.

Comment 10 Neil Horman 2009-08-28 14:59:19 UTC

fixed in 15.6-4.  Thanks!

Comment 11 Fedora Update System 2009-08-28 15:30:12 UTC

cscope-15.6-4.fc11 has been submitted as an update for Fedora 11.
http://admin.fedoraproject.org/updates/cscope-15.6-4.fc11

Comment 12 Fedora Update System 2009-08-31 23:45:08 UTC

cscope-15.6-4.fc11 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.