* Segmentation fault on some man pages @ 2019-11-30 19:39 Milan P. Stanić 2019-12-02 21:05 ` Ingo Schwarze 0 siblings, 1 reply; 3+ messages in thread From: Milan P. Stanić @ 2019-11-30 19:39 UTC (permalink / raw) To: discuss [-- Attachment #1: Type: text/plain, Size: 906 bytes --] Hello, Sorry if this is not right list to post bug report but I can't find where to post it. On Alpine linux (musl libc) we discovered 'Segmentation fault' when running 'man nft' (nftables man page). We have mandoc (named mdocml=1.14.5-r0 in our distribution) and it works fine, except this for 'nft' man page. This is excerpt from 'ltrace man nft': putwchar(9472, 9472, 0x7fe813c0bbab, 0) strcmp(nil, "\\^" <no return ...> --- SIGSEGV (Segmentation fault) --- +++ killed by SIGSEGV +++ I looked in source and found problem in tbl_term.c file. I made crude hack by removing few lines in tbl_term.c and build mandoc again and with these changes it works without (visible to me) problem for man pages I tried and for nft man page. I'm attaching patch I made, but I think it is not proper fix and hope that some of you experienced in this will make proper fix. File I'm attaching is just hint. -- Tia [-- Attachment #2: fix-tbl_term.patch --] [-- Type: text/x-diff, Size: 757 bytes --] --- a/tbl_term.c 2019-03-10 10:56:43.000000000 +0100 +++ b/tbl_term.c 2019-11-30 14:38:12.918969863 +0100 @@ -625,8 +626,7 @@ /* Print the horizontal line inside this column. */ lw = cpp == NULL || cpn == NULL || - (cpn->pos != TBL_CELL_DOWN && - (dpn == NULL || strcmp(dpn->string, "\\^") != 0)) + cpn->pos != TBL_CELL_DOWN ? hw : 0; tbl_direct_border(tp, BHORIZ * lw, col->width + col->spacing / 2); @@ -669,8 +669,7 @@ /* The horizontal line inside the next column. */ rw = cpp == NULL || cpn == NULL || - (cpn->pos != TBL_CELL_DOWN && - (dpn == NULL || strcmp(dpn->string, "\\^") != 0)) + cpn->pos != TBL_CELL_DOWN ? hw : 0; /* The line crossing at the end of this column. */ ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Segmentation fault on some man pages 2019-11-30 19:39 Segmentation fault on some man pages Milan P. Stanić @ 2019-12-02 21:05 ` Ingo Schwarze 2019-12-02 22:14 ` Milan P. Stanić 0 siblings, 1 reply; 3+ messages in thread From: Ingo Schwarze @ 2019-12-02 21:05 UTC (permalink / raw) To: Milan P. Stanić; +Cc: discuss Hello Milan, Milan P. Stanic wrote on Sat, Nov 30, 2019 at 08:39:26PM +0100: > Sorry if this is not right list to post bug report discuss@, tech@, or devel@ are all fine for bug reports. - discuss@ is best when you think that many people may be affected and/or if it feels important or serious - tech@ is better for minor quirks that fewer people are likely to be interested in - devel@ provides as choice to report a bug privately if you prefer that for whatever reason > but I can't find where to post it. https://mandoc.bsd.lv/contact.html > On Alpine linux (musl libc) we discovered 'Segmentation fault' when > running 'man nft' (nftables man page). Thanks for reporting. > We have mandoc (named mdocml=1.14.5-r0 in our distribution) and it works > fine, except this for 'nft' man page. > > This is excerpt from 'ltrace man nft': > putwchar(9472, 9472, 0x7fe813c0bbab, 0) > strcmp(nil, "\\^" <no return ...> > --- SIGSEGV (Segmentation fault) --- > +++ killed by SIGSEGV +++ I tried to reporduce with the input file https://manpages.debian.org/testing/nftables/nft.8.en.gz but mandoc-current on OpenBSD-current does not crash. Is that the exact version of the input file nft.8 that you are using? If not, could you send a copy of the nft.8 that crashes for you to me directly (not needed on the list)? > I looked in source and found problem in tbl_term.c file. > I made crude hack by removing few lines in tbl_term.c and build mandoc > again and with these changes it works without (visible to me) problem > for man pages I tried and for nft man page. > > I'm attaching patch I made, but I think it is not proper fix and hope > that some of you experienced in this will make proper fix. > File I'm attaching is just hint. Hmmm... The code in mandoc-current does not match the code on the "-"-lines of your patch below. Mandoc-current contains: /* Print the horizontal line inside this column. */ lw = cpp == NULL || cpn == NULL || (cpn->pos != TBL_CELL_DOWN && (dpn == NULL || dpn->string == NULL || strcmp(dpn->string, "\\^") != 0)) ? hw : 0; [...] /* The horizontal line inside the next column. */ rw = cpp == NULL || cpn == NULL || (cpn->pos != TBL_CELL_DOWN && (dpn == NULL || dpn->string == NULL || strcmp(dpn->string, "\\^") != 0)) ? hw : 0; I suspect the following commit might already have fixed your problem about eight months ago: https://cvsweb.bsd.lv/mandoc/tbl_term.c#rev1.70 https://cvsweb.bsd.lv/mandoc/tbl_term.c.diff?r1=1.69&r2=1.70 Does that fix the issue for you? If so, consider adding a combined patch containing rev.s 1.70 and 1.71 to your port until i roll a new release: https://cvsweb.bsd.lv/mandoc/tbl_term.c.diff?r1=1.69&r2=1.71 Yours, Ingo > --- a/tbl_term.c 2019-03-10 10:56:43.000000000 +0100 > +++ b/tbl_term.c 2019-11-30 14:38:12.918969863 +0100 > @@ -625,8 +626,7 @@ > /* Print the horizontal line inside this column. */ > > lw = cpp == NULL || cpn == NULL || > - (cpn->pos != TBL_CELL_DOWN && > - (dpn == NULL || strcmp(dpn->string, "\\^") != 0)) > + cpn->pos != TBL_CELL_DOWN > ? hw : 0; > tbl_direct_border(tp, BHORIZ * lw, > col->width + col->spacing / 2); > @@ -669,8 +669,7 @@ > /* The horizontal line inside the next column. */ > > rw = cpp == NULL || cpn == NULL || > - (cpn->pos != TBL_CELL_DOWN && > - (dpn == NULL || strcmp(dpn->string, "\\^") != 0)) > + cpn->pos != TBL_CELL_DOWN > ? hw : 0; > > /* The line crossing at the end of this column. */ -- To unsubscribe send an email to discuss+unsubscribe@mandoc.bsd.lv ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Segmentation fault on some man pages 2019-12-02 21:05 ` Ingo Schwarze @ 2019-12-02 22:14 ` Milan P. Stanić 0 siblings, 0 replies; 3+ messages in thread From: Milan P. Stanić @ 2019-12-02 22:14 UTC (permalink / raw) To: discuss Hello Ingo, On Mon, 2019-12-02 at 22:05, Ingo Schwarze wrote: > Hello Milan, > > Milan P. Stanic wrote on Sat, Nov 30, 2019 at 08:39:26PM +0100: > > > Sorry if this is not right list to post bug report > > discuss@, tech@, or devel@ are all fine for bug reports. > > - discuss@ is best when you think that many people may be affected > and/or if it feels important or serious > - tech@ is better for minor quirks that fewer people are likely > to be interested in > - devel@ provides as choice to report a bug privately if you > prefer that for whatever reason > > > but I can't find where to post it. > > https://mandoc.bsd.lv/contact.html Yes, I found this link and subscribed to discuss@ > > On Alpine linux (musl libc) we discovered 'Segmentation fault' when > > running 'man nft' (nftables man page). > > Thanks for reporting. > > > We have mandoc (named mdocml=1.14.5-r0 in our distribution) and it works ^^^^^^ In Alpine linux we are using version 1.14.5 of mandoc/mdocml, which are latest stable version, I think. > > fine, except this for 'nft' man page. > > > > This is excerpt from 'ltrace man nft': > > putwchar(9472, 9472, 0x7fe813c0bbab, 0) > > strcmp(nil, "\\^" <no return ...> > > --- SIGSEGV (Segmentation fault) --- > > +++ killed by SIGSEGV +++ > > I tried to reporduce with the input file > > https://manpages.debian.org/testing/nftables/nft.8.en.gz > > but mandoc-current on OpenBSD-current does not crash. > Is that the exact version of the input file nft.8 that you are using? > If not, could you send a copy of the nft.8 that crashes for you > to me directly (not needed on the list)? Of course, I will post it to your mail address to not fill mailing list unnecessary. > > I looked in source and found problem in tbl_term.c file. > > I made crude hack by removing few lines in tbl_term.c and build mandoc > > again and with these changes it works without (visible to me) problem > > for man pages I tried and for nft man page. > > > > I'm attaching patch I made, but I think it is not proper fix and hope > > that some of you experienced in this will make proper fix. > > File I'm attaching is just hint. > > Hmmm... The code in mandoc-current does not match the code > on the "-"-lines of your patch below. Mandoc-current contains: > > /* Print the horizontal line inside this column. */ > > lw = cpp == NULL || cpn == NULL || > (cpn->pos != TBL_CELL_DOWN && > (dpn == NULL || dpn->string == NULL || > strcmp(dpn->string, "\\^") != 0)) > ? hw : 0; > [...] > /* The horizontal line inside the next column. */ > > rw = cpp == NULL || cpn == NULL || > (cpn->pos != TBL_CELL_DOWN && > (dpn == NULL || dpn->string == NULL || > strcmp(dpn->string, "\\^") != 0)) > ? hw : 0; > > I suspect the following commit might already have fixed your problem > about eight months ago: > > https://cvsweb.bsd.lv/mandoc/tbl_term.c#rev1.70 > https://cvsweb.bsd.lv/mandoc/tbl_term.c.diff?r1=1.69&r2=1.70 I found patch in Void linux source packages https://github.com/void-linux/void-packages/blob/master/srcpkgs/mdocml/patches/fix-tbl-NULL-pointer-dereference.patch which looks like it is taken from your link above https://cvsweb.bsd.lv/mandoc/tbl_term.c.diff?r1=1.69&r2=1.70 > Does that fix the issue for you? Yes, this patch fixes segmentation fault on Alpine. > If so, consider adding a combined patch containing > rev.s 1.70 and 1.71 to your port until i roll a new release: > > https://cvsweb.bsd.lv/mandoc/tbl_term.c.diff?r1=1.69&r2=1.71 Will try and see if it works. Thank you for help -- Best regards > Yours, > Ingo > > > > --- a/tbl_term.c 2019-03-10 10:56:43.000000000 +0100 > > +++ b/tbl_term.c 2019-11-30 14:38:12.918969863 +0100 > > @@ -625,8 +626,7 @@ > > /* Print the horizontal line inside this column. */ > > > > lw = cpp == NULL || cpn == NULL || > > - (cpn->pos != TBL_CELL_DOWN && > > - (dpn == NULL || strcmp(dpn->string, "\\^") != 0)) > > + cpn->pos != TBL_CELL_DOWN > > ? hw : 0; > > tbl_direct_border(tp, BHORIZ * lw, > > col->width + col->spacing / 2); > > @@ -669,8 +669,7 @@ > > /* The horizontal line inside the next column. */ > > > > rw = cpp == NULL || cpn == NULL || > > - (cpn->pos != TBL_CELL_DOWN && > > - (dpn == NULL || strcmp(dpn->string, "\\^") != 0)) > > + cpn->pos != TBL_CELL_DOWN > > ? hw : 0; > > > > /* The line crossing at the end of this column. */ > -- > To unsubscribe send an email to discuss+unsubscribe@mandoc.bsd.lv > -- To unsubscribe send an email to discuss+unsubscribe@mandoc.bsd.lv ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-12-02 22:14 UTC | newest] Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2019-11-30 19:39 Segmentation fault on some man pages Milan P. Stanić 2019-12-02 21:05 ` Ingo Schwarze 2019-12-02 22:14 ` Milan P. Stanić
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).