OSDN -- Develop and Download Open Source Software

Ticket #30456
Ticket List Submit New Ticket RSS

gcc48でdyn_table_genがsegfaultで死ぬ

Open Date: 2013-01-06 02:11 Last Update: 2013-01-15 18:11

Reporter:
mtasaka
Owner:
efialtes
Type:
Bugs
Status:
Closed
Component:
(None)
MileStone:
(None)
Priority:
5 - Medium
Severity:
5 - Medium
Resolution:
None
File:
None

Details

gccの開発者から(開発中の)gcc 4.8でskf 1.99.0のビルドが出来ないと連絡がありました。
http://lists.fedoraproject.org/pipermail/devel/2013-January/175876.html

試してみると、確かにmakeするとdyn_table_genがsegfaultで死んで build出来ません。 

DEBUG: ./dyn_table_gen
DEBUG: ** generating input side tables: 
DEBUG: x9010_a - table/iIS35M.stb 
DEBUG: x9010_ba - table/iIS35O.stb 
.....
.....
DEBUG: big52 - table/iNM34P.stb 
DEBUG: big5a - make: *** [dyn_table] Segmentation fault
gdbで何が起こっているのか調べてみると 
# gdb ./dyn_table_gen core.26896 
GNU gdb (GDB) Fedora (7.5.1-32.fc18)
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i686-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /builddir/build/BUILD/skf-1.99.0/skf-1.99/dyn_table_gen...done.
[New LWP 26896]
Core was generated by `./dyn_table_gen'.
Program terminated with signal 11, Segmentation fault.
#0  0x0804a5d7 in big5a_table_gen () at dyn_table.c:45144
45144		big5a_uni_byte[BIG5P_TBL_LEN+j-950] = big5uao_fa_uni_byte[j];
Missing separate debuginfos, use: debuginfo-install glibc-2.17-1.fc19.i686
(gdb) bt
#0  0x0804a5d7 in big5a_table_gen () at dyn_table.c:45144
#1  0x08048a4e in main (argc=1, argv=0xbff32234) at dyn_table.c:45963
(gdb) li
45139	    };
45140	    for (j=0;j<BIG5_OFFSET;j++) {  /* 8140 - */
45141	    	big5a_uni_byte[j] = big5uao_81_uni_byte[j];
45142	    };
45143	    for (j=0;j<HKSCS_FA_LEN;j++) {  /* fa00 - */
45144		big5a_uni_byte[BIG5P_TBL_LEN+j-950] = big5uao_fa_uni_byte[j];
45145	    };
45146	    for (j=0;j<HKSCS_C6_LEN;j++) {  /* c640 - */
45147		big5a_uni_byte[11780+j+1330] = big5uao_c6_uni_byte[j];
45148	    };
となっています。
そこでBIG5P_TBL_LENとかがどうなっているかを見てみますと 
convert.h
    563  #define BIG5P_TBL_LEN   23940   /* BIG5-Plus 190 * 126 */
 
dyn_table.c
    51  #define HKSCS_FA_LEN    1140    /* f940 - fefe                     */
43868  unsigned short big5a_uni_byte[BIG5P_TBL_LEN];   /* BIG5 UAO        */
45143	    for (j=0;j<HKSCS_FA_LEN;j++) {  /* fa00 - */
45144		big5a_uni_byte[BIG5P_TBL_LEN+j-950] = big5uao_fa_uni_byte[j];
45145	    };
となっていて、確かにbuffer overflowが起こっています。
big5a_uni_byteの正しいサイズが分からないため、どう修正したらよいか 分かりません。対応お願いいたします。

Ticket History (3/4 Histories)

2013-01-06 02:11 Updated by: mtasaka
  • New Ticket "gcc48でdyn_table_genがsegfaultで死ぬ" created
2013-01-13 23:10 Updated by: efialtes
  • Owner Update from (None) to efialtes
2013-01-15 00:00 Updated by: efialtes
Comment

1.99.1 で修正しています。報告ありがとうございました。

2013-01-15 18:11 Updated by: mtasaka
  • Status Update from Open to Closed
  • Ticket Close date is changed to 2013-01-15 18:11
Comment

確認しました。有り難うございます。

Attachment File List

No attachments

Edit

You are not logged in. I you are not logged in, your comment will be treated as an anonymous post. » Login