Bug 71356 - textproc/unrtf core dumps w/ Segmentation fault
Summary: textproc/unrtf core dumps w/ Segmentation fault
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Volker Stolz
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-09-04 04:10 UTC by parv
Modified: 2004-10-26 09:07 UTC (History)
0 users

See Also:

Attachments
unrtf (1.34 KB, application/octet-stream)
2004-09-06 15:06 UTC, Volker Stolz 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description parv 2004-09-04 04:10:30 UTC 
Somebody else reported that unrtf core dumps.  What do you know, it
did/does core dump while converting ..

  http://www.ccel.org/u/unknowing/cloud.RTF
  http://www.cs.georgetown.edu/~denning/infosec/ids-model.rtf


Output of gbd's bt command...

  This GDB was configured as "i386-unknown-freebsd"...Deprecated bfd_read called at /misc/src-4.10/gnu/usr.bin/binutils/gdb/../../../../contrib/gdb/gdb/dbxread.c line 2627 in elfstab_build_psymtabs
  Deprecated bfd_read called at /misc/src-4.10/gnu/usr.bin/binutils/gdb/../../../../contrib/gdb/gdb/dbxread.c line 933 in fill_symbuf

  Core was generated by `unrtf'.
  Program terminated with signal 11, Segmentation fault.
  Reading symbols from /usr/lib/libc.so.4...done.
  Reading symbols from /usr/libexec/ld-elf.so.1...done.
  #0  0x280e4414 in vfprintf () from /usr/lib/libc.so.4
  (gdb) bt
  #0  0x280e4414 in vfprintf () from /usr/lib/libc.so.4
  #1  0x280d1307 in printf () from /usr/lib/libc.so.4
  #2  0x8049f22 in cmd_emdash (w=0x8066100, align=0, has_param=0, param=0) at convert.c:1199
  #3  0x804b33f in word_print_core (w=0x8066100) at convert.c:2776
  #4  0x804b43b in word_print_core (w=0x8058040) at convert.c:2826
  #5  0x804b58c in word_print (w=0x8058040) at convert.c:2885
  #6  0x804bd95 in main (argc=2, argv=0xbfbff3e0) at main.c:191

How-To-Repeat: 
Install unrtf 0.19.1 & try to convert any RTF file.
Comment 1 Volker Stolz freebsd_committer freebsd_triage 2004-09-06 15:06:44 UTC 
This is a libc-problem: Linnix can do printf(0), FreeBSD segfaults.

Please try the attached patch which works for me for your two samples.
I can't judge if it's way over the top or if even some more files should  
be patched.
Ask someone with a good static analyzer :)
Is this stuff actively maintained upstream so that we can drop them a note?

Volker
Comment 2 Volker Stolz freebsd_committer freebsd_triage 2004-09-06 15:09:40 UTC 
State Changed
From-To: open->analyzed

Linux vs. FreeBSD incompability; patch for reviewing attached.
Comment 3 Volker Stolz freebsd_committer freebsd_triage 2004-09-06 15:09:40 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->vs

I'll track this.
Comment 4 parv 2004-09-06 20:46:32 UTC 
in message <opsdwr5ipb07qw3q@localhost>, wrote Volker Stolz
thusly...
>
> This is a libc-problem: Linnix can do printf(0), FreeBSD
> segfaults.
> 
> Please try the attached patch which works for me for your two
> samples.

Patch allowed unrtf to do its thing for the two URIs listed
previously.


> Is this stuff actively maintained upstream so that we
> can drop them a note?

Seems like it is maintained but not very actively.


  - Parv

--
Comment 5 Volker Stolz freebsd_committer freebsd_triage 2004-10-26 09:07:27 UTC 
State Changed
From-To: analyzed->closed

Fixed, thanks for your submission!