Opened 15 years ago

Closed 15 years ago

#416 closed defect (fixed)

r.le.patch crashes on long filenames

Reported by: neteler Owned by: grass-dev@…
Priority: major Milestone: 6.3.1
Component: Raster Version: 6.3.0
Keywords: Cc: khufkens
CPU: Unspecified Platform: Unspecified

Description

(was: http://wald.intevation.org/tracker/?func=detail&atid=204&aid=859&group_id=21)

r.le.patch crashes when using long filenames (gives a buffer overflow). Using a short filename does not produce this error. Behaviour is consistent across both linux as Mac OSX platforms.

Depending on the length of the filename r.le.patch crashes immediately or the output of the module is garbage or not there. Again, this behaviour is consistent on both linux as OSX.

Below you find a trace of a crash on a long filename.

======= Backtrace: ========= 

/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb7e2c558]
/lib/tls/i686/cmov/libc.so.6[0xb7e2a680]
/lib/tls/i686/cmov/libc.so.6[0xb7e29d68]
/lib/tls/i686/cmov/libc.so.6(_IO_default_xsputn+0xc8)[0xb7d9fa18]
/lib/tls/i686/cmov/libc.so.6(_IO_vfprintf+0x3733)[0xb7d750c3]
/lib/tls/i686/cmov/libc.so.6(__vsprintf_chk+0xa7)[0xb7e29e17]
/lib/tls/i686/cmov/libc.so.6(__sprintf_chk+0x2d)[0xb7e29d5d]
r.le.patch(open_files+0x33e)[0x804caee]
r.le.patch(patch_fore+0x82)[0x80546f2]
r.le.patch(main+0x519)[0x80568b9]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb7d48685]
r.le.patch[0x804ab31]
======= Memory map: ========
08048000-08064000 r-xp 00000000 08:01 2041981    /usr/lib/grass/bin/r.le.patch
08064000-08065000 r--p 0001b000 08:01 2041981    /usr/lib/grass/bin/r.le.patch
08065000-08066000 rw-p 0001c000 08:01 2041981    /usr/lib/grass/bin/r.le.patch
08af0000-08b35000 rw-p 08af0000 00:00 0          [heap]
b7cd2000-b7cdf000 r-xp 00000000 08:01 1237054    /lib/libgcc_s.so.1
b7cdf000-b7ce0000 r--p 0000c000 08:01 1237054    /lib/libgcc_s.so.1
b7ce0000-b7ce1000 rw-p 0000d000 08:01 1237054    /lib/libgcc_s.so.1
b7cf2000-b7d31000 r--p 00000000 08:01 2032550    /usr/lib/locale/en_US.utf8/LC_CTYPE
b7d31000-b7d32000 rw-p b7d31000 00:00 0
b7d32000-b7e8a000 r-xp 00000000 08:01 1254395    /lib/tls/i686/cmov/libc-2.8.90.so
b7e8a000-b7e8c000 r--p 00158000 08:01 1254395    /lib/tls/i686/cmov/libc-2.8.90.so
b7e8c000-b7e8d000 rw-p 0015a000 08:01 1254395    /lib/tls/i686/cmov/libc-2.8.90.so
b7e8d000-b7e90000 rw-p b7e8d000 00:00 0
b7e90000-b7eb4000 r-xp 00000000 08:01 1254403    /lib/tls/i686/cmov/libm-2.8.90.so
b7eb4000-b7eb5000 r--p 00023000 08:01 1254403    /lib/tls/i686/cmov/libm-2.8.90.so
b7eb5000-b7eb6000 rw-p 00024000 08:01 1254403    /lib/tls/i686/cmov/libm-2.8.90.so
b7eb6000-b7eca000 r-xp 00000000 08:01 2001395    /usr/lib/libz.so.1.2.3.3
b7eca000-b7ecc000 rw-p 00013000 08:01 2001395    /usr/lib/libz.so.1.2.3.3
b7ecc000-b7ecd000 rw-p b7ecc000 00:00 0
b7ed6000-b7ed7000 r--p 00000000 08:01 2039816    /usr/lib/locale/en_US.utf8/LC_MESSAGES/SYS_LC_MESSAGES
b7ed7000-b7ede000 r--s 00000000 08:01 2384115    /usr/lib/gconv/gconv-modules.cache
b7ede000-b7ee5000 r-xp 00000000 08:01 2359308    /usr/lib/grass/lib/libgrass_datetime.6.3.0.so
b7ee5000-b7ee6000 r--p 00006000 08:01 2359308    /usr/lib/grass/lib/libgrass_datetime.6.3.0.so
b7ee6000-b7ee7000 rw-p 00007000 08:01 2359308    /usr/lib/grass/lib/libgrass_datetime.6.3.0.so
b7ee7000-b7f32000 r-xp 00000000 08:01 2359324    /usr/lib/grass/lib/libgrass_gis.6.3.0.so
b7f32000-b7f33000 r--p 0004b000 08:01 2359324    /usr/lib/grass/lib/libgrass_gis.6.3.0.so
b7f33000-b7f34000 rw-p 0004c000 08:01 2359324    /usr/lib/grass/lib/libgrass_gis.6.3.0.so
b7f34000-b7f3c000 rw-p b7f34000 00:00 0
b7f3c000-b7f56000 r-xp 00000000 08:01 1237011    /lib/ld-2.8.90.so
b7f56000-b7f57000 r-xp b7f56000 00:00 0          [vdso]
b7f57000-b7f58000 r--p 0001a000 08:01 1237011    /lib/ld-2.8.90.so
b7f58000-b7f59000 rw-p 0001b000 08:01 1237011    /lib/ld-2.8.90.so
bfc43000-bfc58000 rw-p bffeb000 00:00 0          [stack]

Attachments (1)

r.le.patch.diff (1.3 KB ) - added by neteler 15 years ago.
untested fix for longer names

Download all attachments as: .zip

Change History (3)

by neteler, 15 years ago

Attachment: r.le.patch.diff added

untested fix for longer names

comment:1 by neteler, 15 years ago

Untested patch attached with longer buffers.

Markus

comment:2 by hamish, 15 years ago

Resolution: fixed
Status: newclosed

slightly modified patch applied in r35755, 56, and 57.

Hamish

Note: See TracTickets for help on using tickets.