[Bug 205796] [patch] math/xgraph - fix two Segmentation fault problems

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Sat Jan 2 10:55:21 UTC 2016


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=205796

            Bug ID: 205796
           Summary: [patch] math/xgraph - fix two Segmentation fault
                    problems
           Product: Ports & Packages
           Version: Latest
          Hardware: amd64
                OS: Any
            Status: New
          Keywords: patch
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: sanpei at FreeBSD.org
          Reporter: uratan at miomio.jp
             Flags: maintainer-feedback?(sanpei at FreeBSD.org)

Created attachment 164950
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=164950&action=edit
patches, xgraph.c for problem-[1], xtb.h for problem-[2]

[1] uninitialized pointer access in main()

problem:
  Simply executing xgraph may cause a Segmentation fault.

description:
  When calling init_X() from main(), an uninitialized pointer 'win_info'
  is referenced.  This may cause a Segmentation fault depending on the
  stack condition.

workaround:
  Function init_X() will not use its parameter now, so simply remove the
  reference, see patch for xgraph.c.


[2] variable argument problem with xtb_vert(), xtb_hort() on amd64

problem:
  When opening the Hardcopy dialog in an amd64 environment, a Segmentation
  fault will occur.

description:
  Functions xtb_vert() / xtb_hort() accept pointers as variable arguments,
  and use a mere 0 (defined as 'NE') for their end-of-list value.

  In an amd64 environment,
  a mere 0 is passed as a 4-byte param (because it is an int value),
  but the above functions take the params out as pointers (8 bytes on amd64),
  so the end-of-list value is packed with 4 more bytes of garbage and lost,
  which will cause a later Segmentation fault.

workaround:
  To make the end-of-list value an 8-byte one, add a cast to the macro 'NE',
  see patch for xtb.h.
  This change will not have a bad influence on i386 or other environments,
  I wish...

 - * - * -

testing environment:
  +------------------------------------
  |% uname -srm
  |FreeBSD 10.2-RELEASE amd64
  |
  |
  |% head /usr/ports/math/xgraph/Makefile
  |# Created by: asami
  |# $FreeBSD: tags/RELEASE_10_2_0/math/xgraph/Makefile 376508 2015-01-08 01:23:17Z sanpei $
  |
  |PORTNAME=       xgraph
  |PORTVERSION=    11.3.2.20000910
  |PORTREVISION=   3
  |CATEGORIES=     math print
  |MASTER_SITES=   ftp://ftp.cs.utoronto.ca/pub/radford/
  |DISTNAME=       xgraph-11
  +------------------------------------

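The end-of-list width mismatch described in problem [2], as an added example that is not part of the original report and is not xgraph's code. The names `count_items`, `NE_INT`, `NE_PTR` and the slot helpers are hypothetical, and the 8-byte slot is a model of an amd64 argument slot holding stale data rather than a real call.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins for the 'NE' macro; not xgraph's actual code. */
#define NE_INT 0            /* plain int terminator: 4 bytes on amd64 */
#define NE_PTR ((void *)0)  /* pointer-width terminator: 8 bytes on amd64 */

/* Counts the pointer arguments that precede the terminating null pointer.
 * The sentinel attribute (GCC/Clang) warns when a call lacks that terminator. */
__attribute__((sentinel))
static int count_items(const char *first, ...)
{
    va_list ap;
    int n = 0;
    va_start(ap, first);
    for (const char *p = first; p != NULL; p = va_arg(ap, const char *))
        n++;
    va_end(ap);
    return n;
}

/* Model of an 8-byte argument slot holding stale data: the caller stores a
 * 4-byte int, the callee then reads all 8 bytes as a pointer value. */
static uint64_t slot_after_int_store(uint64_t stale, int value)
{
    uint64_t slot = stale;
    memcpy(&slot, &value, sizeof value); /* only 4 of the 8 bytes change */
    return slot;
}

/* Same slot when the caller stores a pointer-width terminator instead. */
static uint64_t slot_after_ptr_store(uint64_t stale, void *value)
{
    (void)stale; /* every byte of the slot is overwritten */
    return (uint64_t)(uintptr_t)value;
}

int main(void)
{
    uint64_t stale = 0xdeadbeefcafef00dULL; /* constructed garbage */
    printf("sizeof: int 0 = %zu, (void *)0 = %zu\n", sizeof(NE_INT), sizeof(NE_PTR));
    printf("items counted: %d\n", count_items("a", "b", "c", NE_PTR));
    printf("int store: %#llx, ptr store: %#llx\n",
           (unsigned long long)slot_after_int_store(stale, NE_INT),
           (unsigned long long)slot_after_ptr_store(stale, NE_PTR));
    return 0;
}
```

With the attribute in place, GCC (under `-Wformat`) and Clang report calls that do not end in a null pointer, which catches the plain-`0` terminator at build time.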