#34 Crashes and patches

open
nobody
None
5
2011-04-06
2011-04-06
Alexey
No

I've encountered a couple of crashes, while using this wonderful software. Being a programmer myself, I've managed to fix them.

1) I had some crashes with triggers with empty actions.

Found in trogger.c
parse_commands(world, trigger->action, strlen(trigger->action));
trigger->action was NULL

Fixed that with if(trigger->action) checking

2) Long lines and triggers
#MAX_BUFFER 1024
While long lines are usually split very nicely, a trigger that rewrites a string can create a buffer overflow issue and crash the program.
I don't know how to fix it right, but buffer size >100000 fixed it for me

3) Ctrl+C crash
On Ubuntu 10.10 copying text from the main window crashed the program.
in src/mainwindow.c in menu_copy_activate_cb
display = gtk_widget_get_display(GTK_WIDGET(widget));
"widget" is not a widget, but an action. I think it's a GTK issue.
I added some additional checks, now it works.

Patch attached

Discussion

  • Alexey

    Alexey - 2011-04-06

    Fixes

     
  • Eduardo M Kalinowski

    1) The check does not hurt, I've added it. However, I can't really imagine what's the use of a rewriter trigger without an action. If you just want to gag or change the style, a normal trigger will do.

    2) Increasing the buffer size just postpones the problem until one has a really long line. Do you have an example where the problem happens so I can try a better solution? I'm leaving the report open because of this.

    3) Here it does not crash (because GTK_WIDGET checks if the pointer can be cast), but the functionality does not work. I've fixed it, but in a much simpler way.

     
  • Alexey

    Alexey - 2011-04-17

    1) Yes, now I know how rewrite triggers work, but when you experiment with the program for the first time and it keeps crashing, it gets annoying. Perhaps you could add a check and not save the trigger if the user left the action empty?

    2) It was a very specific error. But for a test, it may be possible to decrease the buffer size (like 100). Then a lot of lines will be cut into 100-byte chunks, and when any of them encounters a trigger which inserts ANSI-coloring symbols into it, it should crash. I'll try to investigate this too.
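
The failure mode discussed under item 2, as an added example that is not part of the original thread or the project's code: a rewrite that inserts ANSI color codes makes a chunk longer than it was, so the output is sized from the rewrite itself instead of a fixed MAX_BUFFER. The names colorize and rewrite_exceeds_fixed_buffer are hypothetical, and MAX_BUFFER is set to 100 as suggested in the thread for testing.

```c
#include <stdlib.h>
#include <string.h>

#define MAX_BUFFER 100  /* small on purpose, as suggested in the thread for testing */

/* Hypothetical rewriter: wraps every occurrence of `word` in `line` with ANSI
 * color codes. Returns a malloc'd string sized for the result (caller frees),
 * or NULL on bad arguments or allocation failure. */
char *colorize(const char *line, const char *word)
{
    static const char on[] = "\033[1;31m", off[] = "\033[0m";
    size_t wlen, hits = 0, need;
    const char *p, *hit;
    char *out, *w;

    if (!line || !word || (wlen = strlen(word)) == 0)
        return NULL;                  /* same idea as the NULL-action check in item 1 */

    /* Pass 1: count matches so the output size is known before any write. */
    for (p = line; (hit = strstr(p, word)) != NULL; p = hit + wlen)
        hits++;
    need = strlen(line) + hits * (sizeof on - 1 + sizeof off - 1) + 1;

    if ((out = malloc(need)) == NULL)
        return NULL;

    /* Pass 2: copy and insert the codes; every write stays within `need`. */
    w = out;
    for (p = line; (hit = strstr(p, word)) != NULL; p = hit + wlen) {
        memcpy(w, p, (size_t)(hit - p)); w += hit - p;
        memcpy(w, on, sizeof on - 1);    w += sizeof on - 1;
        memcpy(w, word, wlen);           w += wlen;
        memcpy(w, off, sizeof off - 1);  w += sizeof off - 1;
    }
    strcpy(w, p);                     /* tail after the last match */
    return out;
}

/* Returns 1 if the rewritten chunk would not have fit in a MAX_BUFFER array. */
int rewrite_exceeds_fixed_buffer(const char *line, const char *word)
{
    char *out = colorize(line, word);
    int over = out && strlen(out) + 1 > MAX_BUFFER;
    free(out);
    return over;
}
```

A 99-byte chunk that fits in MAX_BUFFER before the rewrite no longer fits after a single match is colored, which is why enlarging the constant only moves the threshold.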

     
