[issue1891] sftp utility crashes
vasily postnicov (via DragonFly issue tracker)
sinknull at leaf.dragonflybsd.org
Wed Nov 10 09:20:34 PST 2010
vasily postnicov <shamaz.mazum at gmail.com> added the comment:
> How did you specify -O0 and what error are you getting? Because world
> and kernel build just fine here with -O0.
Uh, I am sorry. This is my fault, actually.
> Can you give the following values?
I have something interesting for you. The size of glob_t (the type for glob()) is 88
(at least on my machine):
#include <sys/types.h>
#include <glob.h>
#include <stdio.h>
int main ()
{
    /* sizeof yields a size_t, so print it with %zu rather than %i */
    printf ("%zu\n", sizeof(glob_t));
    return 0;
}
$ cc -o test test.c
$ ./test
88
In the glob() function it is 88 too, but in process_get() and remote_glob() it is
72. How could it be?
Some output from gdb:
sftp> get htdocs
Breakpoint 1, remote_glob (conn=0x8005800c0,
pattern=0x800580820 "/home/groups/t/tp/tprpg/htdocs", flags=8, errfunc=0,
pglob=0x7fffffffe7a0)
at /usr/src/secure/usr.bin/sftp/../../../crypto/openssh/sftp-glob.c:148
148 return(glob(pattern, flags | GLOB_ALTDIRFUNC, errfunc, pglob));
(gdb) list
143 pglob->gl_stat = fudge_stat;
144
145 memset(&cur, 0, sizeof(cur));
146 cur.conn = conn;
147
148 return(glob(pattern, flags | GLOB_ALTDIRFUNC, errfunc, pglob));
149 }
(gdb) bt
#0 remote_glob (conn=0x8005800c0,
pattern=0x800580820 "/home/groups/t/tp/tprpg/htdocs", flags=8, errfunc=0,
pglob=0x7fffffffe7a0)
at /usr/src/secure/usr.bin/sftp/../../../crypto/openssh/sftp-glob.c:148
#1 0x00000000004038db in process_get (conn=0x8005800c0, src=0x8005600f0 "htdocs",
dst=0x0, pwd=0x8005700b8 "/home/groups/t/tp/tprpg", pflag=0, rflag=0)
at /usr/src/secure/usr.bin/sftp/../../../crypto/openssh/sftp.c:508
#2 0x0000000000405bd6 in parse_dispatch_command (conn=0x8005800c0,
cmd=0x7fffffffedb0 "get htdocs", pwd=0x7ffffffff5b8, err_abort=0)
at /usr/src/secure/usr.bin/sftp/../../../crypto/openssh/sftp.c:1307
#3 0x0000000000407959 in interactive_loop (conn=0x8005800c0, file1=0x0, file2=0x0)
at /usr/src/secure/usr.bin/sftp/../../../crypto/openssh/sftp.c:1975
#4 0x000000000040832f in main (argc=2, argv=0x7ffffffff728)
at /usr/src/secure/usr.bin/sftp/../../../crypto/openssh/sftp.c:2249
(gdb) print *pglob
$1 = {gl_pathc = 0, gl_matchc = 0, gl_offs = 0, gl_flags = 0, gl_pathv = 0x0,
gl_errfunc = 0, gl_closedir = 0x40c5ec <fudge_closedir>,
gl_readdir = 0x40c552 <fudge_readdir>, gl_opendir = 0x40c4f4 <fudge_opendir>,
gl_lstat = 0x40c60f <fudge_lstat>, gl_stat = 0x40c661 <fudge_stat>}
(gdb) print sizeof(*pglob)
$3 = 72
(gdb) x/72xb pglob
0x7fffffffe7a0: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x7fffffffe7a8: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x7fffffffe7b0: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x7fffffffe7b8: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x7fffffffe7c0: 0xec 0xc5 0x40 0x00 0x00 0x00 0x00 0x00
0x7fffffffe7c8: 0x52 0xc5 0x40 0x00 0x00 0x00 0x00 0x00
0x7fffffffe7d0: 0xf4 0xc4 0x40 0x00 0x00 0x00 0x00 0x00
0x7fffffffe7d8: 0x0f 0xc6 0x40 0x00 0x00 0x00 0x00 0x00
0x7fffffffe7e0: 0x61 0xc6 0x40 0x00 0x00 0x00 0x00 0x00
(gdb) step
Breakpoint 2, glob (pattern=0x800580820 "/home/groups/t/tp/tprpg/htdocs", flags=72,
errfunc=0, pglob=0x7fffffffe7a0) at /usr/src/lib/libc/../libc/gen/glob.c:187
187 patnext = pattern;
(gdb) print sizeof(*pglob)
$4 = 88
(gdb) x/88xb pglob
0x7fffffffe7a0: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x7fffffffe7a8: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x7fffffffe7b0: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x7fffffffe7b8: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x7fffffffe7c0: 0xec 0xc5 0x40 0x00 0x00 0x00 0x00 0x00
0x7fffffffe7c8: 0x52 0xc5 0x40 0x00 0x00 0x00 0x00 0x00
0x7fffffffe7d0: 0xf4 0xc4 0x40 0x00 0x00 0x00 0x00 0x00
0x7fffffffe7d8: 0x0f 0xc6 0x40 0x00 0x00 0x00 0x00 0x00
0x7fffffffe7e0: 0x61 0xc6 0x40 0x00 0x00 0x00 0x00 0x00
0x7fffffffe7e8: 0x20 0x08 0x58 0x00 0x08 0x00 0x00 0x00
0x7fffffffe7f0: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
(gdb) print *pglob
$5 = {gl_pathc = 0, gl_matchc = 0, gl_offs = 0, gl_flags = 0, gl_pathv = 0x40c5ec,
gl_errfunc = 0x40c552 <fudge_readdir>, gl_closedir = 0x40c4f4 <fudge_opendir>,
gl_readdir = 0x40c60f <fudge_lstat>, gl_opendir = 0x40c661 <fudge_stat>,
gl_lstat = 0x800580820, gl_stat = 0}
_____________________________________________________
DragonFly issue tracker <bugs at lists.dragonflybsd.org>
<http://bugs.dragonflybsd.org/issue1891>
_____________________________________________________
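The 72 versus 88 byte disagreement shown in the two gdb dumps above, reconstructed as an added example (not part of the original message, and not OpenSSH or DragonFly code). It assumes, from the member offsets in the dumps, that the four leading counters are 4 bytes wide in the caller's view and 8 bytes wide in libc's view; the struct names, the macro and both helper functions are hypothetical, and the addresses are the ones printed in the dumps.

```c
/* Added illustration; not OpenSSH or DragonFly source. Counter widths (4 vs 8
 * bytes) are an assumption inferred from the gdb dumps; names are hypothetical. */
#include <inttypes.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define GLOB_FIELDS(T)                                        \
    T gl_pathc, gl_matchc, gl_offs, gl_flags;                 \
    uint64_t gl_pathv, gl_errfunc, gl_closedir, gl_readdir,   \
             gl_opendir, gl_lstat, gl_stat
struct caller_glob { GLOB_FIELDS(int32_t); };  /* 72 bytes, as in remote_glob() */
struct libc_glob   { GLOB_FIELDS(uint64_t); }; /* 88 bytes, as in glob()        */

/* Rebuild the caller's struct from the first dump and read the same memory
 * back through the 88-byte layout, as glob() did. */
static struct libc_glob view_as_libc(void)
{
    struct caller_glob c = {0};
    unsigned char mem[sizeof(struct libc_glob)] = {0};
    uint64_t neighbour = 0x800580820; /* bytes past the 72-byte struct in the dump */
    struct libc_glob l;
    c.gl_closedir = 0x40c5ec; /* fudge_closedir */
    c.gl_readdir  = 0x40c552; /* fudge_readdir  */
    c.gl_opendir  = 0x40c4f4; /* fudge_opendir  */
    c.gl_lstat    = 0x40c60f; /* fudge_lstat    */
    c.gl_stat     = 0x40c661; /* fudge_stat     */
    memcpy(mem, &c, sizeof c);
    memcpy(mem + sizeof c, &neighbour, sizeof neighbour);
    memcpy(&l, mem, sizeof l);
    return l;
}

/* Layout check both sides could assert: returns 1 only if they agree. */
static int layouts_agree(void)
{
    return sizeof(struct caller_glob) == sizeof(struct libc_glob) &&
           offsetof(struct caller_glob, gl_pathv) == offsetof(struct libc_glob, gl_pathv);
}

int main(void)
{
    struct libc_glob l = view_as_libc();
    printf("caller=%zu libc=%zu agree=%d gl_pathv=0x%" PRIx64 "\n",
           sizeof(struct caller_glob), sizeof(struct libc_glob),
           layouts_agree(), l.gl_pathv);
    return 0;
}
```

Read through the 88-byte layout, every callback slides by two slots and the last two members come from memory the caller never initialised, which is the pattern in the second `print *pglob`.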