I see this every few hours so finally broke down and built FvwmAudio
with -ggdb to get a decent core:
#0 0x8048f85 in Loop (fd=0x6d65622f) at FvwmAudio.c:413
413 if ((count = read(fd[1],header,
(gdb) print count
$1 = -1073743996
(gdb) list
408 int body_length,count,count2=0, total;
409 long code;
410
411 while (1)
412 {
413 if ((count = read(fd[1],header,
414 HEADER_SIZE*sizeof(unsigned long))) <= 0)
415 done(0);
416
Ah, well, it hasn't completed the read, so I guess that's why count
is bogus...
But let's look a little deeper:
(gdb) print fd[1]
Cannot access memory at address 0x6d656233.
(gdb) print fd[0]
Cannot access memory at address 0x6d65622f.
Hrrrm... that smells like ASCII.
(gdb) x/32c &fd-32
0xbffff71c <_serv_stayopen+3086459040>: -36 'Ü' -9 '÷' -1 'ÿ' -65
'¿' -10 'ö'-8 'ø' -1 'ÿ' -65 '¿'
0xbffff724 <_serv_stayopen+3086459048>: 0 '\000' 0 '\000' 0
'\000'0 '\000' 0 '\000' 0 '\000' 0 '\000' 0
'\000'
0xbffff72c <_serv_stayopen+3086459056>: 0 '\000' 0 '\000' 0
'\000'0 '\000' 91 '[' 70 'F' 86 'V' 87 'W'
0xbffff734 <_serv_stayopen+3086459064>: 77 'M' 93 ']' 91 '[' 101 'e'
120 'x'101 'e' 99 'c' 117 'u'
Id looks like fd[] is being overwritten by:
[FVWM][executeModule]: <<ERROR>> No such module 'DestroyStyle' in
ModulePath '/usr/X11R6....
(Yeah, yeah, but I was having fun rearranging the configs so I could
swap my entire look and feel on the fly without doing a reload, just
a recapture...)
Anyway, it seems that there is an interesting overflow bug in FvwmAudio.
Anyone fixed it yet or should I break out bounds-checking gcc on it?
--
Brian Moore Kill A Spammer For Jesus
Sysadmin, C/Perl Hacker, Usenet Vandal
--
Visit the official FVWM web page at <URL:http://www.hpc.uh.edu/fvwm/>.
To unsubscribe from the list, send "unsubscribe fvwm" in the body of a
message to majordomo_at_hpc.uh.edu.
To report problems, send mail to fvwm-owner_at_hpc.uh.edu.
Received on Tue Apr 21 1998 - 19:12:40 BST