Re: [BUG] Segmentation fault when copy symlink with checked "Stable Symlinks"



Hello,

On Tue, 2005-09-13 at 01:05 +0200, Marcin Garski wrote:
> Hi,
> 
> mc-4.6.1a-0.11.FC4 from Fedora Core 4 on x86_64.
> 
> 1. Create "mc" directory
> 2. Change directory to "mc"
> 3. Create ".eDonkey2000" directory
> 4. Create ".overnet" symlink pointing to ".eDonkey2000"
> 5. Copy ".overnet" symlink to "/tmp" BUT check "Stable Symlinks" in copy 
> dialog.
> 6. Watch mc crash
> 
> If you want more info, just write :)

The attached patch fixes two nasty bugs in file.c and util.c. The first
one is an off-by-one error in path indexing that causes the generation of
dangling symlinks. The second one is the culprit of the segfault you
presented. It applies cleanly to the 4.6.1 release.

Jindrich

-- 
Jindrich Novy <jnovy redhat com>, http://people.redhat.com/jnovy/
(o_                                                           _o)
//\      The worst evil in the world is refusal to think.     //\
V_/_                                                         _\_V

--- mc-4.6.1/src/util.c.jn	2005-05-27 16:19:18.000000000 +0200
+++ mc-4.6.1/src/util.c	2005-09-13 12:57:02.000000000 +0200
@@ -1140,21 +1140,23 @@
  * as needed up in first and then goes down using second */
 char *diff_two_paths (const char *first, const char *second) 
 {
-    char *p, *q, *r, *s, *buf = 0;
+    char *p, *q, *r, *s, *buf = NULL;
     int i, j, prevlen = -1, currlen;
     char *my_first = NULL, *my_second = NULL;
     
     my_first = resolve_symlinks (first);
     if (my_first == NULL)
         return NULL;
+    my_second= resolve_symlinks (second);
+    if (my_second == NULL) {
+	g_free (my_first);
+	return NULL;
+    }
     for (j = 0; j < 2; j++) {
 	p = my_first;
 	if (j) {
-	    my_second = resolve_symlinks (second);
-	    if (my_second == NULL) {
-		g_free (my_first);
+	    if (my_second == NULL)
 	        return buf;
-	    }
 	}
 	q = my_second;
 	for (;;) {
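
Review bot: the `if (my_second == NULL) return buf;` kept inside `if (j)` is now dead code, because my_second is resolved and NULL-checked before the loop is entered. Drop the whole `if (j) { ... }` block so the early-return path, which frees my_first, is the only one that handles a failed resolve_symlinks (second). If that inner branch were ever reached it would also return without freeing my_first. Minor style point: `my_second= resolve_symlinks (second);` is missing the space before `=` that the neighbouring `my_first = resolve_symlinks (first);` has.
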
--- mc-4.6.1/src/file.c.jn	2005-05-27 16:19:18.000000000 +0200
+++ mc-4.6.1/src/file.c	2005-09-13 12:57:02.000000000 +0200
@@ -382,7 +382,7 @@
 	const char *r = strrchr (src_path, PATH_SEP);
 
 	if (r) {
-	    p = g_strndup (src_path, r - src_path);
+	    p = g_strndup (src_path, r - src_path + 1);
 	    if (*dst_path == PATH_SEP)
 		q = g_strdup (dst_path);
 	    else
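
Review bot: the new length `r - src_path + 1` makes p keep the PATH_SEP that strrchr found, and nothing in the hunk says this is intentional. Add a one-line comment above the g_strndup call stating that p must end with the separator. It is also worth confirming the case r == src_path (separator at the very start of src_path), where p used to be an empty string and is now just the separator, and checking that the code joining p with the link target, which is not visible in this hunk, does not add a second separator.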

