Package: sip-tester
Version: 3.1.r590-1
Severity: normal

I was preparing some scenario files and made an XML syntax error. As a result I discovered this SIGSEGV with an invalid XML tag:

p...@chianamo:~$ cat segfault.xml
<?xml version="1.0" encoding="ISO-8859-1" ?>
<!DOCTYPE scenario SYSTEM "sipp.dtd">
<scenario name="">
<recvCmd>
<action </action>
</recvCmd>
</scenario>
p...@chianamo:~$ gdb --args sipp -sf segfault.xml
GNU gdb (GDB) 7.0.1-debian
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/sipp...done.
(gdb) r
Starting program: /usr/bin/sipp -sf segfault.xml
[Thread debugging using libthread_db enabled]

Program received signal SIGSEGV, Segmentation fault.
0x000000000040ace4 in xp_open_element (index=0) at xp_parser.c:214
214 xp_parser.c: No such file or directory.
    in xp_parser.c
Current language: auto
The current source language is "auto; currently c".
(gdb) thread apply all bt full

Thread 1 (Thread 0x7ffff7fd3710 (LWP 4586)):
#0 0x000000000040ace4 in xp_open_element (index=0) at xp_parser.c:214
        ptr = 0x1 <Address 0x1 out of bounds>
        level = 2
        name = "recvCmd", '\000' <repeats 248 times>
#1 0x00000000004162eb in scenario (this=0x8206b0, filename=0x7fffffffe5e0 "segfault.xml", deflt=0) at scenario.cpp:689
        scenario_file_cursor = 1
        peer = 0x7ffff679fec8 "\270\376y\366\377\177"
        label_it = {_M_node = 0x7ffff6460548}
        elem = 0x6b3c80 "recvCmd"
        method_list = 0x0
        L_content_length = 0
#2 0x000000000043c47f in main (argc=3, argv=0x7fffffffe308) at sipp.cpp:4476
        option = 0x6931f0
        pass = 2
        media_sockaddr = {ss_family = 57456, __ss_align = 140737488347272, __ss_padding = "8\351G\367\001\000\000\000\356+F\366\377\177\000\000\000\000\000\000\000\000\000\000\035DQ\366\377\177\000\000\000\000\000\000\000\000\000\000`\376y\366\377\177\000\000\270\376y\366\377\177\000\000\tyL\366\377\177\000\000(\343\377\377\377\177\000\000zCL\366\377\177\000\000\000\000\000\000\000\000\000\000H\005F\366\377\177\000\000 \004\000\000\000\000\000\000\377\017\000\000\000\000\000"}
        pthread3_id = 140737488347944
        generic_count = 0
        __PRETTY_FUNCTION__ = "int main(int, char**)"
        argi = 2
        pthread2_id = 140737325587104
        L_maxSocketPresent = 0
        slave_masterSet = false
(gdb) quit
A debugging session is active.

        Inferior 1 [process 4586] will be killed.

Quit anyway? (y or n) y

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (700, 'testing'), (600, 'unstable'), (550, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages sip-tester depends on:
ii libc6        2.10.2-6        Embedded GNU C Library: Shared lib
ii libgcc1      1:4.5.0-2       GCC support library
ii libncurses5  5.7+20100313-2  shared libraries for terminal hand
ii libpcap0.8   1.1.1-2         system interface for user-level pa
ii libssl0.9.8  0.9.8n-1        SSL shared libraries
ii libstdc++6   4.4.4-1         The GNU Standard C++ Library v3

--
bye,
pabs

http://wiki.debian.org/PaulWise