Hi,
* Sven Joachim <svenj...@gmx.de> [2011-03-07 17:53]:
> On 2011-03-07 17:35 +0100, Nico Golde wrote:
>
> > * Craig Small <csm...@debian.org> [2011-03-07 10:49]:
> >> On Sun, Mar 06, 2011 at 09:38:09PM +0100, Stefano Zacchiroli wrote:
> >> > I'm not sure if the problem is in newsbeuter (e.g. using the lib in some
> >> > inappropriate way which worked up to now) or in libncursesw5 (e.g.
> >> > unexpected/undeclared ABI change). I'm Cc:-ing the libncursesw5
> >> > maintainer with this bug report.
> >> newsbeuter is calling stfl_ipool_fromwc() which is part of the stfl
> >> package. It's dying between stfl and ncurses.
> >>
> >> stfl is a statically linked library
> >
> > What do you mean?
> > file libstfl.so.0.21
> > libstfl.so.0.21: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV),
> > dynamically linked, stripped
>
> I think Craig means that newsbeuter is statically linked against libstfl.

Oh I thought I changed this ages ago, looks like I didn't, hence my confusion :)

> >> , recompiling stfl and linking
> >> newsbeuter to that library makes a working binary. You can never be 100%
> >> sure, but I don't think the problem lies with newsbeuter.
>
> It seems to be bug #617210 in ncurses. At least, changing the offending
> code in ncurses' newwin() function back to what it was before 5.8 fixes
> the newsbeuter segfault for me (stfl is calling newwin(0, 0, 0, 0) in
> stfl_form_run()).

I can confirm what you thought. I already mentioned the window is zero, thus
resulting in a null ptr dereference/invalid read. The reason is:
The created window is passed via
f->root->type->f_draw(f->root, f, dummywin);
in stfl_form_run(). The complete backtrace looks like:
#0 0x00007f66190ad5ce in stfl_style () from /usr/lib/libstfl.so.0
#1 0x00007f66190ae120 in ?? () from /usr/lib/libstfl.so.0
#2 0x00007f66190abe67 in stfl_form_run () from /usr/lib/libstfl.so.0
#3 0x00007f66190ab04e in stfl_run () from /usr/lib/libstfl.so.0

From newsbeuter the path is f->run(-3); => stfl_run() => which hits the
newwin() code in stfl.
#1 0x00007f66190ae120 in ?? () from /usr/lib/libstfl.so.0 is code in
stfl_widget_style() and this function is called in the various drawing
functions of stfl that are set to the f_draw function pointer.

> I'll reassign this bug to libncursesw5.

Thanks! I guess the return value check is still something that should be added
in stfl?

Cheers
Nico
--
Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.
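The return-value check asked about at the end of the message above, as an added example that is not code from stfl, ncurses or the thread. It is a self-contained C model in which `window_new()`, `label_draw()`, `form_run_checked()` and `run_once()` are hypothetical stand-ins (a real build would call `newwin()` from `<curses.h>`), showing the constructor's result being tested before it reaches the `f_draw` callback.

```c
#include <stdlib.h>

/* Hypothetical stand-ins; a real build would use WINDOW and newwin() from <curses.h>. */
struct window { unsigned attrs; };
struct form; struct widget;
struct widget_type { void (*f_draw)(struct widget *, struct form *, struct window *); };
struct widget { const struct widget_type *type; };
struct form { struct widget *root; int draws; };

static int alloc_should_fail;   /* knob: makes the window constructor return NULL */

static struct window *window_new(void)
{
    return alloc_should_fail ? NULL : calloc(1, sizeof(struct window));
}

/* Draw callback: writes through win, so a NULL window would fault here,
 * several frames away from the allocation that failed. */
static void label_draw(struct widget *w, struct form *f, struct window *win)
{
    (void)w;
    win->attrs = 1u;
    f->draws++;
}

static const struct widget_type label_type = { label_draw };

/* Returns 0 after drawing, -1 if no window could be created. */
static int form_run_checked(struct form *f)
{
    struct window *dummywin = window_new();
    if (dummywin == NULL)
        return -1;              /* stop at the call site, before any callback runs */
    f->root->type->f_draw(f->root, f, dummywin);
    free(dummywin);
    return 0;
}

/* Runs one form with the allocator succeeding (fail=0) or failing (fail=1). */
int run_once(int fail, int *draws_out)
{
    struct widget root = { &label_type };
    struct form f = { &root, 0 };
    int rc;
    alloc_should_fail = fail;
    rc = form_run_checked(&f);
    *draws_out = f.draws;
    return rc;
}
```

With the check in place the failure surfaces as an error code at the point of creation instead of as a fault inside a drawing function.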