Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: fsck seg fault failure on vmware -i386?

    Date:        Sat, 30 Jan 2010 12:55:41 +0000 (UTC)
    From: (Michael van Elst)
    Message-ID:  <hk1a8c$5hm$>

  | asctime() (and others) may return NULL nowadays. The sequence
  | in fsck_ffs/inode.c:pinode()
  |         p = ctime(&t);
  |         printf("MTIME=%12.12s %4.4s ", &p[4], &p[20]);
  | might crash if the inode timestamp is 'invalid'.

Yes, it might (even would) but perhaps not the way you are thinking.
While it is certainly true that p might be NULL there, and that fsck_ffs
really needs to do
        if (p == NULL)
                printf("MTIME="%-17s ", "invalid");

the actual reported crash was from within asctime_r(), not directly
inside pinode() which this would have been.

That indicates a related, but different bug, in libc (and in the latest
olson tz code), that is, ctime() is just

        ctime(time_t *t)
                return asctime(localtime(t)));

so if localtime() returns NULL (which it can), asctime() (and asctime_r()
which it calls) is handleda NULL pointer, which it certainly doesn't expect,
and will cause asctime_r() to core dump.

That's most likely what is being seen.

The fix I'll be suggesting to the tz people is to harden asctime_r()
rather than adding a test into ctime(), so that asctime_r() simply starts

        if (timeptr == NULL)
                return NULL;

Once this is installed, then you would get the core dump from pinode()
unless that gets fixed as well.


Home | Main Index | Thread Index | Old Index