[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: wget_wch problem
From: |
Saravanan Bellan |
Subject: |
RE: wget_wch problem |
Date: |
Wed, 14 Jan 2004 12:25:57 -0800 |
This is the output you requested,
(gdb) bt
#0 0xff3516e4 in __mbrtowc_dense_gb18030 ()
from /usr/lib/locale/zh_CN.GB18030/methods_zh_CN.GB18030.so.2
#1 0x1da08 in wget_wch (win=0x6764c, result=0xffbef578)
at ../ncurses/./widechar/lib_get_wch.c:85
#2 0x135f0 in main (argc=1, argv=0xffbef5f4) at wget.c:21
(gdb) up
#1 0x1da08 in wget_wch (win=0x6764c, result=0xffbef578)
at ../ncurses/./widechar/lib_get_wch.c:85
85 status = mbrlen(buffer, count, &state);
(gdb) print count
$1 = 1
This program works fine on gb18030 locale on linux(Redhat) platforms.
> -----Original Message-----
> From: Thomas Dickey [mailto:address@hidden
> Sent: Wednesday, January 14, 2004 11:38 AM
> To: Saravanan Bellan
> Cc: ''address@hidden' '
> Subject: RE: wget_wch problem
>
>
> On Wed, 14 Jan 2004, Saravanan Bellan wrote:
>
> > This is the stack trace when compiled with libncurses_g,
> >
> > (gdb) bt
> > #0 0xff3516e4 in __mbrtowc_dense_gb18030 ()
> > from /usr/lib/locale/zh_CN.GB18030/methods_zh_CN.GB18030.so.2
> > #1 0x1da08 in wget_wch (win=0x6764c, result=0xffbef578)
> > at ../ncurses/./widechar/lib_get_wch.c:85
> > #2 0x135f0 in main (argc=1, argv=0xffbef5f4) at wget.c:21
>
> My line-85 is a call to mbrlen (perhaps the debugger is different):
>
> buffer[count++] = UChar(value);
> memset(&state, 0, sizeof(state));
> status = mbrlen(buffer, count, &state); <<== 85
> if (status >= 0) {
> memset(&state, 0, sizeof(state));
> if ((int) mbrtowc(&wch, buffer, count,
> &state) != status) {
> code = ERR; /* the two calls should match */
> }
> value = wch;
> break;
> }
>
> if you did (from gdb), an "up" and "print count", that would
> help answer
> the question whether it is a buffer overflow. That is if
> count is more
> than 100 (145 on this machine, but guessing), it indicates that the
> function has looped a few times and may run out of space.
>
> > This is with Sun's locale support.
>
> I don't think I can test that directly. I have that locale
> installed on
> my Linux box, but (not knowing what I'm looking for) do not seem to be
> able to I break it there (valgrind reports from errors within glibc,
> but none in the ncurses test program).
>
> >
> > -----Original Message-----
> > From: Thomas Dickey
> > To: Saravanan Bellan
> > Cc: 'address@hidden'
> > Sent: 1/14/2004 5:55 AM
> > Subject: Re: wget_wch problem
> >
> > On Wed, 14 Jan 2004, Saravanan Bellan wrote:
> >
> > > When running the following program on Solaris 8 with
> > > ncurses(ncurses-5.3-20031004-patch) and zh_CN.GB18030 I get a seg
> > fault at
> > > wget_wch (stack trace below)
> >
> > perhaps linking against libncurses_g would give more information.
> > Is this with Sun's locale support, or using libiconv?
> > I may be able to test the latter on Linux.
> >
> > Reading the code, I suspect a buffer overflow - since the buffer
> > into which mbrtowc writes is fixed (I should alter that).
> >
> > > It works fine for any other locale.
> > >
> > > Any ideas.
> > >
> > > #include <signal.h>
> > > #include <locale.h>
> > > #include <curses.h>
> > > #include <errno.h>
> > > #include <stddef.h>
> > >
> > > main(int argc, char ** argv) {
> > > WINDOW *win;
> > > wint_t in_wc;
> > > int ret_c;
> > >
> > > initscr(); nonl(); noecho(); raw(); erase(); refresh();
> > >
> > > setlocale(LC_ALL, "");
> > >
> > > win = newwin(20, 60, 0, 0);
> > >
> > > clearok(win, 1); touchwin(win); wrefresh(win);
> > > do {
> > > errno = 0;
> > > ret_c = wget_wch(win, &in_wc);
> > > } while ((ret_c == ERR) && (errno == EINTR));
> > > noraw();
> > > endwin();
> > > }
> > >
> > > The back trace from gdb,
> > >
> > > Program terminated with signal 11, Segmentation Fault.
> > > Loaded symbols for
> > /usr/lib/locale/zh_CN.GB18030/methods_zh_CN.GB18030.so.2
> > > (gdb) bt
> > > #0 0xff3516e4 in __mbrtowc_dense_gb18030 ()
> > > from /usr/lib/locale/zh_CN.GB18030/methods_zh_CN.GB18030.so.2
> > > #1 0x1d718 in wget_wch ()
> > > #2 0x12e58 in main (argc=1, argv=0xffbef62c) at wget.c:21
> > >
> > >
> > > Thanks,
> > > -Sarva
> > >
> > >
> > > _______________________________________________
> > > Bug-ncurses mailing list
> > > address@hidden
> > > http://mail.gnu.org/mailman/listinfo/bug-ncurses
> > >
> >
> > --
> > Thomas E. Dickey
> > http://invisible-island.net
> > ftp://invisible-island.net
> >
>
> --
> Thomas E. Dickey
> http://invisible-island.net
> ftp://invisible-island.net
>