Red Hat Bugzilla – Bug 989262
segmentation fault with -M option
Last modified: 2013-09-24 10:36:32 EDT
Description of problem:
'man' command crashes when run with -M command line option
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. man -M foo bar
*** Error in `man': free(): invalid pointer: 0x00007fff7f840aba ***
======= Backtrace: =========
======= Memory map: ========
No manual entry for bar.
#0 0x00007ffff7216a19 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1 0x00007ffff7218128 in __GI_abort () at abort.c:90
#2 0x00007ffff7256d47 in __libc_message (do_abort=do_abort@entry=2, fmt=fmt@entry=0x7ffff735eb88 "*** Error in `%s': %s: 0x%s ***\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:196
#3 0x00007ffff725cc17 in malloc_printerr (action=<optimized out>, str=0x7ffff735ebb0 "munmap_chunk(): invalid pointer", ptr=<optimized out>) at malloc.c:4916
#4 0x00000000004052b8 in main (argc=4, argv=0x7fffffffd6b8) at man.c:1367
The program tries to free 'manp' variable, which contains value assigned from argv and therefore allocated by caller (shell), man.c line 429.
Created attachment 779450 [details]
Add strdup to assignment of manp variable.
Thanks for the effort, but nack on this patch. The free in question was an incorrect change in a Fedora patch; it was dropped in 2.6.4-1. Dropping it for 2.6.3-7 as well is probably the right answer if you need to stay with 2.6.3.
Right Colin, that's probably a better solution.
*** This bug has been marked as a duplicate of bug 986085 ***