Some more info about that guname bug



Hello hackers,

Here is some more info about that guname core dump.

I renamed `descriptions' to `guname_descriptions' and inserted a 0x80-byte,
zero-initialized array called `not_used' like this:

	long long int not_used[16] = {
	 0, 0, 0, 0, 0, 0, 0, 0,
	 0, 0, 0, 0, 0, 0, 0 ,0
	};

This is from the resulting binary:

08050b48 D __data_start
08050b48 W data_start
08050b4c d p.2
08050b50 d completed.3
08050b54 D popup
08050b54 d force_to_data
08050b58 d scroll_text
08050ec4 d nscroll_texts
08050ec8 d scroll_text_widths
080511e8 d cur_scroll_text
080511ec d cur_scroll_index
080511f0 d scroll_area
080511f4 d scroll_pixmap
080511f8 d do_scrolling
080511fc d scroll_state
08051200 d offset
08051204 d timer
0805120c D not_used
0805128c D guname_descriptions

Something strange happens while imlib is loading the png module which
causes parts of the data segment (around that 0x0805120c address) to be
overwritten.

This is causing the segfault later where it tries to access one of the
strings in the `guname_descriptions'.

Moving this `guname_descriptions' symbol further towards the end of the data
segment (by inserting the `not_used' unused initialized array) fixes
this problem, as it is this unused array that gets overwritten.

I am really starting to get confused - any ideas what is happening here?

-- 
Martin Baulig - martin@home-of-linux.org - http://www.home-of-linux.org
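The `not_used' array in the post only absorbs the stray write; it does not tell you that the write happened or how large it was. The following is an added example (not code from the post, from guname or from imlib) of the same idea turned into a checked sentinel: a known-pattern array placed in .data, re-armed before the suspect call and inspected afterwards, so the report gives the corrupted byte count and the offset to compare against `nm' output. The function names, the 0x5A fill byte and the `simulate_stray_write' stand-in for the module load are this example's own assumptions; the stand-in does not reproduce whatever imlib actually does.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>
#include <stdint.h>

/* Constructed example: a known-pattern sentinel array in .data, in the spirit
 * of the `not_used' padding from the post, but checked rather than merely
 * occupying space.  Names and the fill pattern are this example's own. */

#define SENTINEL_WORDS 16          /* 16 * 8 = 0x80 bytes, as in the post */
#define SENTINEL_BYTE  0x5A        /* fill byte, chosen arbitrarily */
#define P 0x5A5A5A5A5A5A5A5AULL    /* one word full of SENTINEL_BYTE */

/* Initialized (not zero) so it lives in .data next to the other globals.
 * Whether the linker keeps it between two particular globals is not
 * guaranteed; confirm the placement with `nm' as the post does. */
static uint64_t sentinel[SENTINEL_WORDS] = {
    P, P, P, P, P, P, P, P,
    P, P, P, P, P, P, P, P
};

/* (Re)arm the sentinel with the fill pattern. */
void sentinel_arm(void)
{
    memset(sentinel, SENTINEL_BYTE, sizeof sentinel);
}

/* Count bytes that no longer hold the pattern.  If first_bad is non-NULL it
 * receives the byte offset of the first corrupted byte (sizeof sentinel if
 * none).  Returns 0 when the sentinel is intact. */
size_t sentinel_check(size_t *first_bad)
{
    const unsigned char *p = (const unsigned char *)sentinel;
    size_t bad = 0, first = sizeof sentinel;

    for (size_t i = 0; i < sizeof sentinel; i++) {
        if (p[i] != SENTINEL_BYTE) {
            if (bad == 0)
                first = i;
            bad++;
        }
    }
    if (first_bad)
        *first_bad = first;
    return bad;
}

/* Convenience wrapper: byte offset of the first corrupted byte. */
size_t sentinel_first_bad(void)
{
    size_t first;
    sentinel_check(&first);
    return first;
}

/* Print a report a developer can match against `nm' output. */
void sentinel_report(const char *when)
{
    size_t first;
    size_t bad = sentinel_check(&first);

    if (bad == 0)
        printf("[%s] sentinel intact (%p .. %p)\n", when,
               (void *)sentinel, (void *)(sentinel + SENTINEL_WORDS));
    else
        printf("[%s] sentinel corrupted: %zu bytes, first at offset 0x%zx "
               "(address %p)\n", when, bad, first,
               (void *)((unsigned char *)sentinel + first));
}

/* Constructed stand-in for the misbehaving library call: a stray write of
 * 24 zero bytes into the middle of the sentinel.  Not imlib's behaviour. */
void simulate_stray_write(void)
{
    memset(&sentinel[2], 0, 3 * sizeof sentinel[0]);
}

int main(void)
{
    sentinel_arm();
    sentinel_report("before module load");
    simulate_stray_write();          /* stands in for loading the png module */
    sentinel_report("after module load");
    return 0;
}
```

In the real program the two `sentinel_report' calls would bracket the imlib call that loads the png module; the reported address can then be placed against the `nm' listing to see which neighbouring symbols the stray write would have reached without the padding.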


