[bug #38673] locate segfaults

[Andreas Metzler]

URL:
  <http://savannah.gnu.org/bugs/?38673>

                 Summary: locate segfaults
                 Project: findutils
            Submitted by: ametzler
            Submitted on: Sa 06 Apr 2013 09:07:09 CEST
                Category: locate
                Severity: 3 - Normal
              Item Group: None
                  Status: None
                 Privacy: Public
             Assigned to: None
         Originator Name: 
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
                 Release: 4.5.11
           Fixed Release: None

    _______________________________________________________

Details:

Hello,

this is <http://bugs.debian.org/704193>: locate 4.5.11 segfaults reproducibly
for at least two users. - Downgrading to 4.5.10 (or 4.4.2) fixes the issue.

<quote>
Here's an strace.  The segfault happens just AFTER locatedb is closed.
It also happens on a successful lookup.  I'm running i386 sid userland on an
x86_64 kernel.

execve("/usr/bin/locate", ["locate", "qqqq"], [/* 24 vars */]) = 0
brk(0)                                  = 0x84a9000
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or
directory)
mmap2(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xf77cd000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or
directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=145521, ...}) = 0
mmap2(NULL, 145521, PROT_READ, MAP_PRIVATE, 3, 0) = 0xf77a9000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or
directory)
open("/lib/i386-linux-gnu/i686/cmov/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\372\202M4\0\0\0"...,
512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1756536, ...}) = 0
mmap2(0x4d816000, 1764124, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3,
0) = 0x4d816000
mmap2(0x4d9bf000, 12288, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1a9) = 0x4d9bf000
mmap2(0x4d9c2000, 11036, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4d9c2000
close(3)                                = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xf77a8000
set_thread_area({entry_number:-1 -> 12, base_addr:0xf77a8900, limit:1048575,
seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1,
seg_not_present:0, useable:1}) = 0
mprotect(0x805a000, 4096, PROT_READ)    = 0
mprotect(0x4d9bf000, 8192, PROT_READ)   = 0
mprotect(0x4d812000, 4096, PROT_READ)   = 0
munmap(0xf77a9000, 145521)              = 0
open("/var/cache/locate/locatedb", O_RDONLY|O_LARGEFILE) = 3
fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0
geteuid32()                             = $UID
getuid32()                              = $UID
getgid32()                              = $GID
setgid32($GID)                          = 0
brk(0)                                  = 0x84a9000
brk(0x84ca000)                          = 0x84ca000
ioctl(1, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) =
0
fstat64(3, {st_mode=S_IFREG|0644, st_size=21917714, ...}) = 0
time(NULL)                              = 1364566351
fcntl64(3, F_GETFL)                     = 0x8000 (flags O_RDONLY|O_LARGEFILE)
fstat64(3, {st_mode=S_IFREG|0644, st_size=21917714, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xf77cc000
_llseek(3, 0, [0], SEEK_CUR)            = 0
read(3, ""..., 4096) = 4096

(Lots of additional reads omitted)

read(3, "", 4096)                       = 0
close(3)                                = 0
munmap(0xf77cc000, 4096)                = 0
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++






    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?38673>

_______________________________________________
  Nachricht gesendet von/durch Savannah
  http://savannah.gnu.org/