#536 highlighting pattern capacity overflow

release
closed-fixed
Program (402)
5
2006-08-08
2006-08-08
Anonymous
No

I report one more bug concernining highlighting
patterns. It observed when one more pattern is added to
huge set of patterns made for some language. At the
same time, patterns to other languages can ba added
without crashing. This bug is observed for both

NEdit 5.5
Sep 30, 2004

Built on: Linux, 386, GNU C
Built at: Oct 1 2004, 15:55:40
With Motif: 2.1.30 [@(#)Motif Version 2.1.30]
Running Motif: 2.1 [unknown]
Server: The X.Org Foundation 60900000
Visual: 24-bit TrueColor (ID 0x23, Default)
Locale: en_US

and

5.6 [Under Development] HEAD
Aug 8, 2006

Built on: Linux, 486, GNU C
Built at: Aug 8 2006, 10:08:45
With Motif: 1.2.0 [@(#)GNU/LessTif Version 1.2
Release 0.93.94]
Running Motif: 1.2 [unknown]
Server: The X.Org Foundation 60900000
Visual: 24-bit TrueColor (ID 0x23, Default)
Locale: en_US

Description:

Import attached "crash.pats" containing
patterns for LaTeX language. Nedit crashes with
following debug message.

(gdb) r -server
Starting program: /tmp/nedit/source/nedit -server

Program received signal SIGSEGV, Segmentation fault.
0x0836f1f8 in ?? ()
(gdb) bt full
#0 0x0836f1f8 in ?? ()
No symbol table info available.
#1 0x000000b7 in ?? ()
No symbol table info available.
#2 0x358cc800 in ?? ()
No symbol table info available.
#3 0x00000208 in ?? ()
No symbol table info available.
#4 0x00000000 in ?? ()
No symbol table info available.
#5 0xf306a400 in ?? ()
No symbol table info available.
#6 0x34cd78b7 in ?? ()
No symbol table info available.
#7 0x1f3e5408 in ?? ()
No symbol table info available.
#8 0x34ec0d08 in ?? ()
No symbol table info available.
#9 0x00002008 in ?? ()
No symbol table info available.
#10 0x00000800 in ?? ()
No symbol table info available.
#11 0x92a50800 in ?? ()
No symbol table info available.
#12 0x0a7456bf in ?? ()
No symbol table info available.
#13 0x92a4f808 in ?? ()
No symbol table info available.
#14 0x000000bf in ?? ()
No symbol table info available.
#15 0x34eaf000 in ?? ()
No symbol table info available.
#16 0xed96cc08 in ?? ()
No symbol table info available.
#17 0x335938b7 in ?? ()
No symbol table info available.

Step-by-step description.
1. Import attached pre-crash.pats and open any
non-empty latex file.
2. Add new highlighting pattern, for example, copy
"Comment" pattern.
3. Apply patterns, then press "OK" or try to save
defaults. Nedit crashes with following debug message.

(gdb) r -server
Starting program: /tmp/nedit/source/nedit -server
Multiple event sequence ignored.

Multiple event sequence ignored.

Multiple event sequence ignored.

Multiple event sequence ignored.

Multiple event sequence ignored.

Multiple event sequence ignored.

Multiple event sequence ignored.

Name: shellMenu
Class: XmRowColumn

../../../lib/Xm/Manager.c:_XmManagerInstallAccelerator(2174)
- Could not convert >Ctrl<Key>KP_Enter< to a KeyCode
Ctrl<Key>KP_Enter -> 0000ff8d -> 0

*** glibc detected *** double free or corruption (out):
0x08484488 ***

Program received signal SIGABRT, Aborted.
0xb7c6d7c7 in raise () from /lib/tls/libc.so.6
(gdb) bt full
#0 0xb7c6d7c7 in raise () from /lib/tls/libc.so.6
No symbol table info available.
#1 0xb7c6f06b in abort () from /lib/tls/libc.so.6
No symbol table info available.
#2 0xb7ca4545 in __fsetlocking () from /lib/tls/libc.so.6
No symbol table info available.
#3 0xb7caab97 in malloc_usable_size () from
/lib/tls/libc.so.6
No symbol table info available.
#4 0xb7cab032 in free () from /lib/tls/libc.so.6
No symbol table info available.
#5 0xb7e9a2c1 in XtFree () from /usr/X11R6/lib/libXt.so.6
No symbol table info available.
#6 0x080ac361 in freeNonNull ()
No symbol table info available.
#7 0x080ac3a3 in freePatternSrc ()
No symbol table info available.
#8 0x080aad93 in destroyCB ()
No symbol table info available.
#9 0xb7e9a86f in XtCallCallbackList () from
/usr/X11R6/lib/libXt.so.6
No symbol table info available.
#10 0xb7ea3745 in _XtCreateHookObj () from
/usr/X11R6/lib/libXt.so.6
No symbol table info available.
#11 0xb7ea35f4 in _XtCreateHookObj () from
/usr/X11R6/lib/libXt.so.6
No symbol table info available.
#12 0xb7ea364d in _XtCreateHookObj () from
/usr/X11R6/lib/libXt.so.6
No symbol table info available.
#13 0xb7ea3a19 in _XtCreateHookObj () from
/usr/X11R6/lib/libXt.so.6
No symbol table info available.
#14 0xb7ea3d3f in _XtDoPhase2Destroy () from
/usr/X11R6/lib/libXt.so.6
No symbol table info available.
#15 0xb7ea8ca0 in XtDispatchEvent () from
/usr/X11R6/lib/libXt.so.6
No symbol table info available.
#16 0x080a2ff3 in ServerDispatchEvent ()
No symbol table info available.
#17 0x080a2ef9 in ServerMainLoop ()
No symbol table info available.

Alexey Kuznetsov

Discussion

  • Nobody/Anonymous

    highlighting patterns

     
  • Eddy De Greef

    Eddy De Greef - 2006-08-08

    Logged In: YES
    user_id=73597

    Those were actually two separate bugs, both caused by not
    (properly) checking the pattern set limits.
    It should be ok now in CVS.

    Thanks again.

     
  • Eddy De Greef

    Eddy De Greef - 2006-08-08
    • labels: --> Program
    • milestone: --> release
    • assigned_to: nobody --> edg
    • status: open --> closed-fixed
     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks