GNU bug report logs - #20210
tests/df/skip-duplicates fails on Debian-kFreeBSD due to calling 'strstr(NULL,)'

Package: coreutils

Reported by: Assaf Gordon <assafgordon <at> gmail.com>

Date: Fri, 27 Mar 2015 00:29:02 UTC

Severity: normal

Done: Pádraig Brady <P <at> draigBrady.com>

Bug is archived. No further changes may be made.


Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Assaf Gordon <assafgordon <at> gmail.com>
To: bug-coreutils <at> gnu.org
Subject: tests/df/skip-duplicates fails on Debian-kFreeBSD due to calling
 'strstr(NULL,)'
Date: Thu, 26 Mar 2015 20:28:40 -0400
Hello,

A somewhat exotic test failure:

On Debian/kFreeBSD 'tests/df/skip-duplicates' fails with 'df' segfaulting like so:

     ...
     ./tests/df/skip-duplicates.sh: line 113:  7741 Segmentation fault      LD_PRELOAD=./k.so df
     ...

The flow is:
1. The "k.so" file (inlined C code in 'tests/df/skip-duplicates.sh') returns 'struct mntent' in which '.mnt_opts' is NULL (not just empty string).
2. read_file_system_list() calls dev_from_mount_options(mnt->mnt_opts).
3. In dev_from_mount_options() "__linux__" is not defined (using FreeBSD kernel v9).
4. strstr() is called with 'mount_options==NULL'.
5. libc segfaults.

The direct culprit is 'dev_from_mount_options' in gnulib's mountlist.c, which has:

     static dev_t
     dev_from_mount_options (char const *mount_options)
     {
       /* GNU/Linux allows file system implementations to define their own
          meaning for "dev=" mount options, so don't trust the meaning
          here.  */
     # ifndef __linux__
       static char const dev_pattern[] = ",dev=";
       char const *devopt = strstr (mount_options, dev_pattern);
     ...


Using gdb, the stack-trace is:
     $ gdb ../src/df
     (gdb) set environment LD_PRELOAD=./k.so
     (gdb) start
     Program received signal SIGSEGV, Segmentation fault.
     0x0000000800abcc04 in strstr () from /lib/x86_64-kfreebsd-gnu/libc.so.0.1
     (gdb) bt
     #0  0x0000000800abcc04 in strstr () from /lib/x86_64-kfreebsd-gnu/libc.so.0.1
     #1  0x000000000040f7ed in dev_from_mount_options (mount_options=0x0) at lib/mountlist.c:363
     #2  0x000000000040fb6c in read_file_system_list (need_fs_type=false) at lib/mountlist.c:449
     #3  0x0000000000405751 in main (argc=1, argv=0x7fffffffd648) at src/df.c:1647


I'm not sure what the correct, clean fix is; attached are two options (one fixes the test, one avoids the call in lib/mountlist.c).

Regards,
  - assaf

P.S.
On FreeBSD-10.1 the test is skipped:
   skip-duplicates.sh: skipped test: $CC -shared ... failed to build a shared lib
   SKIP: tests/df/skip-duplicates.sh


[fix-df-skip-dups1.patch (text/x-patch, attachment)]
[fix-lib-mountlist.patch (text/x-patch, attachment)]
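
The NULL case from the report, guarded before the strstr() call, as an added example that is not part of the original message, the attached patches, or gnulib. The function name parse_dev_opt, its long return type and the sample strings are assumptions made for illustration.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not gnulib's function): extract the hex value of a
   ",dev=" mount option, or return -1 when it is absent or malformed.  */
static long
parse_dev_opt (char const *mount_options)
{
  static char const dev_pattern[] = ",dev=";

  /* The guard: a getmntent() replacement may leave mnt_opts NULL, and
     strstr (NULL, ...) is undefined behaviour (SIGSEGV in the report).  */
  if (mount_options == NULL)
    return -1;

  char const *devopt = strstr (mount_options, dev_pattern);
  if (devopt == NULL)
    return -1;

  char const *optval = devopt + sizeof dev_pattern - 1;
  char *optvalend;
  errno = 0;
  unsigned long dev = strtoul (optval, &optvalend, 16);

  /* Accept only a non-empty hex run that ends the option and fits.  */
  if (optval == optvalend
      || (*optvalend != '\0' && *optvalend != ',')
      || (dev == ULONG_MAX && errno == ERANGE)
      || dev > LONG_MAX)
    return -1;
  return (long) dev;
}

int
main (void)
{
  /* Constructed sample inputs; NULL mirrors the k.so case in the report.  */
  char const *samples[] = { NULL, "rw,nosuid", "rw,dev=1f,nosuid", "rw,dev=zz" };
  for (size_t i = 0; i < sizeof samples / sizeof *samples; i++)
    printf ("%s -> %ld\n", samples[i] ? samples[i] : "(null)",
            parse_dev_opt (samples[i]));
  return 0;
}
```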

This bug report was last modified 10 years and 119 days ago.
