[screen-devel] [bug #51402] SEGFAULT when querying 'info' on detached screen

Thu, 06 Jul 2017 06:53:43 -0700 

URL:
  <http://savannah.gnu.org/bugs/?51402>

                 Summary: SEGFAULT when querying 'info' on detached screen
                 Project: GNU Screen
            Submitted by: None
            Submitted on: Thu 06 Jul 2017 01:53:12 PM UTC
                Category: Crash/Freeze/Infloop
                Severity: 3 - Normal
                Priority: 5 - Normal
                  Status: None
                 Privacy: Public
             Assigned to: None
             Open/Closed: Open
         Discussion Lock: Any
                 Release: None
           Fixed Release: None
         Planned Release: 4.5.1
           Work Required: None

    _______________________________________________________

Details:

repro:
$ screen -d sleep 9999
$ screen -Q info
$ screen -ls
There are screens on:
        28239.pts-101.XXX-queryA        (05/04/17 09:24:25)     (Dead ???)
        28239.pts-101.XXX       (05/04/17 09:24:25)     (Dead ???)
Remove dead screens with 'screen -wipe'.

Unfortunately in Debian there are only very old debug symbol files of version
4.2.1 (but I can also repro on 4.5.0), so gdb trace is from the old version:

(gdb) c
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0x0807a564 in ShowInfo () at process.c:5647
5647    process.c: No such file or directory.
(gdb) bt
#0  0x0807a564 in ShowInfo () at process.c:5647
#1  DoAction (act=0xfff8600b, key=-1) at process.c:1857
#2  0x08080b61 in DoCommand (argv=0xfff8707c, argl=0xfff8717c) at
process.c:4567
#3  0x0805ff59 in DoCommandMsg (mp=0x80bb000 <m>) at socket.c:1807
#4  0x080620f1 in ReceiveMsg () at socket.c:1220
#5  0x08090630 in sched () at sched.c:237
#6  0x0804c463 in main (ac=<optimized out>, av=<optimized out>) at
screen.c:1487
(gdb) show directories
Source directories searched: $cdir:$cwd
(gdb) dir /tmp/screen-4.2.1
Source directories searched: /tmp/screen-4.2.1:$cdir:$cwd
(gdb) l
warning: Source file is more recent than executable.
5642        }
5643    #  ifdef UTF8
5644      if (wp->w_encoding != UTF8)
5645    #  endif
5646    # endif
5647        if (D_CC0 || (D_CS0 && *D_CS0))
5648          {
5649            if (wp->w_gr == 2)
5650              {
5651                sprintf(p, " G%c", wp->w_Charset + '0');
(gdb) info registers
eax            0x0      0
ecx            0x7      7
edx            0x80cb2d8        135049944
ebx            0xfff8600b       -499701
esp            0xfff85f70       0xfff85f70
ebp            0x0      0x0
esi            0x1      1
edi            0x0      0
eip            0x807a564        0x807a564 <DoAction+20740>
eflags         0x10246  [ PF ZF IF RF ]
cs             0x23     35
ss             0x2b     43
ds             0x2b     43
es             0x2b     43
fs             0x0      0
gs             0x63     99

Clearly there is an invalid dereference most likely due to uninitialized
variables when screen is started in detached state.




    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?51402>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/

Reply via email to