Bug#538149: marked as done (Segfaults when loading a track log)

Thu, 23 Jul 2009 09:30:32 -0700 

Your message dated Thu, 23 Jul 2009 15:49:31 +0000
with message-id <e1mu0xz-0002vc...@ries.debian.org>
and subject line Bug#538149: fixed in tangogps 0.9.6-6
has caused the Debian Bug report #538149,
regarding Segfaults when loading a track log
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
538149: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538149
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: tangogps
Version: 0.9.6-5
Severity: serious
Tags: patch

Hello,

tangogps segfaults when I try to load a log file.

I've recompiled it with "-O0 -g" to get a backtrace:

+++++++++++++++++++++++++++++++++++++++++++ 
/home/enrico/.tangogps/Maps/20090721_181312.log 

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7f3f79225780 (LWP 25051)]
0x00007f3f75c429bc in ?? () from /lib/libc.so.6
(gdb) where
#0  0x00007f3f75c429bc in ?? () from /lib/libc.so.6
#1  0x0000000000433597 in tracks_on_file_button_release_event (widget=0xb3ac90, 
event=0xa868f0, user_data=0xae3990)
    at tracks.c:146
#2  0x00007f3f78c88958 in ?? () from /usr/lib/libgtk-x11-2.0.so.0
#3  0x00007f3f76f7911d in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#4  0x00007f3f76f8cc2b in ?? () from /usr/lib/libgobject-2.0.so.0
#5  0x00007f3f76f8dead in g_signal_emit_valist () from 
/usr/lib/libgobject-2.0.so.0
#6  0x00007f3f76f8e4f3 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
#7  0x00007f3f78d9098e in ?? () from /usr/lib/libgtk-x11-2.0.so.0
#8  0x00007f3f78c811f3 in gtk_propagate_event () from 
/usr/lib/libgtk-x11-2.0.so.0
#9  0x00007f3f78c82313 in gtk_main_do_event () from /usr/lib/libgtk-x11-2.0.so.0
#10 0x00007f3f77ff5cbc in ?? () from /usr/lib/libgdk-x11-2.0.so.0
#11 0x00007f3f76adef7a in g_main_context_dispatch () from 
/usr/lib/libglib-2.0.so.0
#12 0x00007f3f76ae2640 in ?? () from /usr/lib/libglib-2.0.so.0
#13 0x00007f3f76ae2b0d in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
#14 0x00007f3f78c82727 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
#15 0x0000000000409780 in main (argc=1, argv=0x7fff813646e8) at main.c:62
(gdb) 

The problem is here (src/tracks.c):

        arr = g_strsplit(line, ",", 2);
        lat_tmp = atof(arr[0]);
        lon_tmp = atof(arr[1]);

g_strsplit returns a NULL-terminated array. If the string contains no
commas, arr[1] will be NULL. If the string is empty, arr[0] will also be
NULL. These should be checked.

In my case, the log file was truncated (maybe the openmoko ran out of
battery, whatever) and it ends with:

  [...]
  39.467490,-6.369044,438.5,0.9,192.5,1.6,2009-07-21T21:52:33Z
  39.467490,-6.369044,438.5,0.9,192.5,1.6,2009-07-21T21:52:33Z
  39.467468,-6.369055,438.4,2.1,206.1,1.6,2009-07-21T21:52:35Z
  39.46746

The last line obviosuly trigger the issue.

The fix is just adding, after g_strsplit, something like this:

  // Drop corrupted or incomplete lines
  if (arr[0] == NULL || arr[1] == NULL) continue;

I made a patch and I have tested it. Please find it attached.


Ciao,

Enrico

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.29-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages tangogps depends on:
ii  libatk1.0-0                  1.26.0-1    The ATK accessibility toolkit
ii  libc6                        2.9-12      GNU C Library: Shared libraries
ii  libcairo2                    1.8.6-2+b1  The Cairo 2D vector graphics libra
ii  libcurl3-gnutls              7.19.5-1    Multi-protocol file transfer libra
ii  libexif12                    0.6.17-1    library to parse EXIF files
ii  libfontconfig1               2.6.0-4     generic font configuration library
ii  libfreetype6                 2.3.9-4.1   FreeType 2 font engine, shared lib
ii  libgconf2-4                  2.26.2-1    GNOME configuration database syste
ii  libglib2.0-0                 2.20.1-2    The GLib library of C routines
ii  libgtk2.0-0                  2.16.1-2    The GTK+ graphical user interface 
ii  libpango1.0-0                1.24.0-3+b1 Layout and rendering of internatio
ii  libsqlite3-0                 3.6.14.2-1  SQLite 3 shared library

Versions of packages tangogps recommends:
ii  gpsd                          2.39-2     GPS (Global Positioning System) da

Versions of packages tangogps suggests:
ii  python                        2.5.4-2    An interactive high-level object-o

-- no debconf information

diff -Naur tangogps-0.9.6.old/src/tracks.c tangogps-0.9.6/src/tracks.c
--- tangogps-0.9.6.old/src/tracks.c	2009-02-05 00:54:27.000000000 +0100
+++ tangogps-0.9.6/src/tracks.c	2009-07-23 16:37:37.000000000 +0200
@@ -139,7 +139,7 @@
 		trackpoint_t *tp = g_new0(trackpoint_t,1);
 		
 		arr = g_strsplit(line, ",", 2);
-		
+		if (arr[0] == NULL || arr[1] == NULL) continue;
 		
 		
 		lat_tmp = atof(arr[0]);

--- End Message ---
--- Begin Message --- 
Source: tangogps
Source-Version: 0.9.6-6

We believe that the bug you reported is fixed in the latest version of
tangogps, which is due to be installed in the Debian FTP archive:

tangogps_0.9.6-6.diff.gz
  to pool/main/t/tangogps/tangogps_0.9.6-6.diff.gz
tangogps_0.9.6-6.dsc
  to pool/main/t/tangogps/tangogps_0.9.6-6.dsc
tangogps_0.9.6-6_i386.deb
  to pool/main/t/tangogps/tangogps_0.9.6-6_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 538...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Daniel Baumann <dan...@debian.org> (supplier of updated tangogps package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 23 Jul 2009 17:02:10 +0200
Source: tangogps
Binary: tangogps
Architecture: source i386
Version: 0.9.6-6
Distribution: unstable
Urgency: low
Maintainer: Daniel Baumann <dan...@debian.org>
Changed-By: Daniel Baumann <dan...@debian.org>
Description: 
 tangogps   - GTK+ mapping and GPS application
Closes: 538149
Changes: 
 tangogps (0.9.6-6) unstable; urgency=low
 .
   * Correcting wrong email address in previous changelog entry.
   * Adding patch from Enrico Zini <enr...@debian.org> to fix segfault
     when loading an incomplete track log (Closes: #538149).
   * Upgrading package to standards version 3.8.2.
Checksums-Sha1: 
 d23a7c2f11b463e54b23a02e6a64c3fe1f8c7232 1199 tangogps_0.9.6-6.dsc
 e12c2a12dd7479ac5c5cd65637cc1334e6335773 6768 tangogps_0.9.6-6.diff.gz
 46b39e0460087f420cc5e03345c67f3cf64ac61f 134480 tangogps_0.9.6-6_i386.deb
Checksums-Sha256: 
 8336650a5ee5f5cea95e2c2e2bb66d5b0e2c144650a535dc33af8aeeb88e298d 1199 
tangogps_0.9.6-6.dsc
 961a3c23bdf76425623ed5c4cdf35a0bf31c7cb8be618e037346ca2d22a467a8 6768 
tangogps_0.9.6-6.diff.gz
 8fa56b0fb0a119c475cde8afc0bda44ed74dac8d350d32a6e2a408367e619eb4 134480 
tangogps_0.9.6-6_i386.deb
Files: 
 0e300dcd1526a667e7a201bc424ad6d0 1199 comm optional tangogps_0.9.6-6.dsc
 d29df64dfcd4b91f5e159cc9d7acf8a9 6768 comm optional tangogps_0.9.6-6.diff.gz
 339f58bd5f7d1e87a405f5f9f9f54d37 134480 comm optional tangogps_0.9.6-6_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkpoe+QACgkQ+C5cwEsrK54/MwCgxKUtKJCwKWeloR94PUvLDd0d
zTMAnju5ijTK2LHppVzehYzYKcymWQSm
=8TCM
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to