ID | Category | Severity | Reproducibility | Date Submitted | Last Update
0004494 | [BusyBox] Other | major | always | 08-07-08 06:00 | 08-10-08 07:29
Reporter | whitpa
View Status | public
Assigned To | BusyBox
Priority | normal
Resolution | fixed
Status | closed
Product Version | 1.11.x
Summary | 0004494: segfault in bb_show_usage when using FEATURE_COMPRESS_USAGE on powerpc platform (probable endian unsafety)
Description |
On a PowerPC platform using compressed help, whenever any attempt is made to print usage strings (whether volunteered by the applet or requested via --help), archival/libunarchive/decompress_bunzip2.c:start_bunzip() returns RETVAL_NOT_BZIP_DATA, such that libbb/appletlib.c:unpack_usage_messages() returns a NULL pointer and libbb/appletlib.c:bb_show_usage() subsequently dereferences it.
Additional Information |
There is clearly an endian issue with help decompression. In archival/libunarchive/decompress_bunzip2.c:

    593  BZh0 = ('B' << 24) + ('Z' << 16) + ('h' << 8) + '0'
    ...

and later:

    620  i = get_bits(bd, 32);
    621  if ((unsigned)(i - BZh0 - 1) >= 9) return RETVAL_NOT_BZIP_DATA;

.. at which time bd->inbuf is:

    $8 = (unsigned char *) 0x100bc6a1 "ZB1hA1&YYS¶\026\002\"\031"
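The header test quoted above, as an added stand-alone example (not BusyBox source and not part of the original report), applied to the first four bytes of the gdb output. The function names `read_be32`, `check_bzip_header` and `header_is_pair_swapped`, the numeric `RETVAL_*` values, and the MSB-first read standing in for `get_bits(bd, 32)` are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Placeholder values for this example; only the names come from the report. */
#define RETVAL_OK            0
#define RETVAL_NOT_BZIP_DATA (-2)

/* Read 32 bits MSB-first (assumed stand-in for get_bits(bd, 32)). */
static uint32_t read_be32(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Same arithmetic as the quoted check: accepts "BZh1" .. "BZh9" only. */
int check_bzip_header(const unsigned char *buf, size_t len)
{
    const uint32_t BZh0 = ('B' << 24) + ('Z' << 16) + ('h' << 8) + '0';

    if (len < 4)
        return RETVAL_NOT_BZIP_DATA;
    if ((uint32_t)(read_be32(buf) - BZh0 - 1) >= 9)
        return RETVAL_NOT_BZIP_DATA;
    return RETVAL_OK;
}

/* Diagnostic: does a rejected header pass once each 16-bit pair is swapped back? */
int header_is_pair_swapped(const unsigned char *buf, size_t len)
{
    unsigned char fixed[4];

    if (len < 4 || check_bzip_header(buf, len) == RETVAL_OK)
        return 0;
    fixed[0] = buf[1]; fixed[1] = buf[0];
    fixed[2] = buf[3]; fixed[3] = buf[2];
    return check_bzip_header(fixed, sizeof fixed) == RETVAL_OK;
}

int main(void)
{
    /* Constructed inputs: a valid header and the first four bytes seen in gdb. */
    const unsigned char good[] = "BZh1";
    const unsigned char seen[] = "ZB1h";

    printf("good header: %d\n", check_bzip_header(good, 4));
    printf("seen header: %d, pair-swapped: %d\n",
           check_bzip_header(seen, 4), header_is_pair_swapped(seen, 4));
    return 0;
}
```

A caller that receives the rejection still has to handle the NULL returned by `unpack_usage_messages()` before using it, which is the dereference the report describes in `bb_show_usage()`.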