[Rd] [R] crush in edit()

Ei-ji Nakama nakama at ki.rim.or.jp
Wed Oct 18 05:24:45 CEST 2006


This is a problem triggered by the stack smashing protector.
--- src/modules/X11/dataentry.c.orig    2006-09-04 23:41:34.000000000 +0900
+++ src/modules/X11/dataentry.c 2006-10-18 11:31:43.000000000 +0900
@@ -1046,7 +1046,7 @@
            for(j=0;*(wcspc+j)!=L'\0';j++)wcs[j]=*(wcspc+j);
            wcs[j]=L'\0';
            w_p=wcs;
-           cnt=wcsrtombs(s,(const wchar_t **)&w_p,sizeof(wcs),NULL);
+           cnt=wcsrtombs(s,(const wchar_t **)&w_p,sizeof(s)-1,NULL);
            s[cnt]='\0';
             if (textwidth(s, strlen(s)) < (bw - text_offset)) break;
             *(++wcspc) = L'<';
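Review bot: `s[cnt]='\0';` on the line after the changed call still indexes with an unchecked result: wcsrtombs returns `(size_t)-1` when it meets a wide character it cannot convert, and the store then lands outside `s`. A guard such as `if (cnt == (size_t)-1) cnt = 0;` directly after the call would cover it; the same applies to the hunk at 1056, and in the hunk at 1066 the unchecked `cnt` is passed to `drawtext` as the length. The new bound `sizeof(s)-1` equals the buffer size only if `s` is declared as an array; its declaration, like that of `cnt`, is outside these hunks and should be confirmed. A short comment at the first call, e.g. `/* limit is the size of the destination s, not of wcs */`, would keep the bound from being changed back.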
@@ -1056,7 +1056,7 @@
            for(j=0;*(wcspc+j)!=L'\0';j++)wcs[j]=*(wcspc+j);
            wcs[j]=L'\0';
            w_p=wcs;
-           cnt=wcsrtombs(s,(const wchar_t **)&w_p,sizeof(wcs),NULL);
+           cnt=wcsrtombs(s,(const wchar_t **)&w_p,sizeof(s)-1,NULL);
            s[cnt]='\0';
             if (textwidth(s, strlen(s)) < (bw - text_offset)) break;
             *(wcspbuf + i - 2) = L'>';
@@ -1066,7 +1066,7 @@
     for(j=0;*(wcspc+j)!=L'\0';j++) wcs[j]=*(wcspc+j);
     wcs[j]=L'\0';
     w_p=wcs;
-    cnt=wcsrtombs(s,(const wchar_t **)&w_p,sizeof(wcs),NULL);
+    cnt=wcsrtombs(s,(const wchar_t **)&w_p,sizeof(s)-1,NULL);

     drawtext(x_pos + text_offset, y_pos + box_h - text_offset, s, cnt);

@@ -2398,6 +2398,7 @@
     int cnt;
     char last_mbs[8];
     char *mbs;
+    size_t bytes;

     mbs = (str == NULL) ? buf : str;

@@ -2411,8 +2412,8 @@
     if(wcs[0] == L'\0') return 0;

     memset(last_mbs, 0, sizeof(last_mbs));
-    wcrtomb(last_mbs, wcs[cnt-1], &mb_st);
-    return(strlen(last_mbs));
+    bytes=wcrtomb(last_mbs, wcs[cnt-1], &mb_st); /* -Wall */
+    return(bytes);
 #else
     return(1);
 #endif
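Review bot: `return(bytes);` hands a wcrtomb failure straight to the caller: for a wide character that cannot be converted wcrtomb returns `(size_t)-1`, where the old `strlen(last_mbs)` on the zeroed buffer would normally have given 0. Adding `if (bytes == (size_t)-1) return 0;` before the return keeps the earlier behaviour; the function's return type and its callers are outside the hunk, so how they treat such a count should be confirmed. The destination `last_mbs[8]` declared in the previous hunk is a fixed 8 bytes while wcrtomb may write up to MB_CUR_MAX bytes, so `char last_mbs[MB_LEN_MAX];` would remove that assumption. The comment `/* -Wall */` does not say why the call's result is used; something like `/* byte length of the last character, taken from wcrtomb */` would read better.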


2006/10/18, crazybuddy Vincent <crazyvincent at gmail.com>:
> Dear all,
>
> I am new to R system. When I tried to edit data read from a csv file, R
> system crushed, I got an error message as follows:
>
> > edit(data)
> *** buffer overflow detected ***: /usr/lib/R/bin/exec/R terminated
> ======= Backtrace: =========
> /lib/libc.so.6(__chk_fail+0x41)[0x49d020b1]
> /lib/libc.so.6[0x49d034a2]
> /usr/lib/R/modules//R_X11.so[0x33ed7a]
> /usr/lib/R/modules//R_X11.so[0x34050d]
> /usr/lib/R/modules//R_X11.so[0x341858]
> /usr/lib/R/modules//R_X11.so(RX11_dataentry+0xa25)[0x342f45]
> /usr/lib/R/lib/libR.so[0xa34675]
> /usr/lib/R/lib/libR.so[0x954ed6]
> /usr/lib/R/lib/libR.so(Rf_eval+0x483)[0x925b23]
> /usr/lib/R/lib/libR.so[0x929ed8]
> /usr/lib/R/lib/libR.so(Rf_eval+0x483)[0x925b23]
> /usr/lib/R/lib/libR.so[0x926a37]
> /usr/lib/R/lib/libR.so(Rf_eval+0x483)[0x925b23]
> /usr/lib/R/lib/libR.so(Rf_applyClosure+0x2a7)[0x928117]
> /usr/lib/R/lib/libR.so[0x95661f]
> /usr/lib/R/lib/libR.so(Rf_usemethod+0x609)[0x957a89]
> /usr/lib/R/lib/libR.so[0x95825e]
> /usr/lib/R/lib/libR.so(Rf_eval+0x483)[0x925b23]
> /usr/lib/R/lib/libR.so(Rf_applyClosure+0x2a7)[0x928117]
> /usr/lib/R/lib/libR.so(Rf_eval+0x2f4)[0x925994]
> /usr/lib/R/lib/libR.so(Rf_ReplIteration+0x311)[0x945361]
> /usr/lib/R/lib/libR.so[0x945571]
> /usr/lib/R/lib/libR.so(run_Rmainloop+0x60)[0x9458c0]
> /usr/lib/R/lib/libR.so(Rf_mainloop+0x1c)[0x9458ec]
> /usr/lib/R/bin/exec/R(main+0x46)[0x80486f6]
> /lib/libc.so.6(__libc_start_main+0xdc)[0x49c3b4e4]
> /usr/lib/R/bin/exec/R[0x80485f1]
> ======= Memory map: ========
> 00111000-0012f000 r-xp 00000000 fd:00 16943095
> /usr/lib/R/library/grDevices/libs/grDevices.so
> 0012f000-00130000 rwxp 0001d000 fd:00 16943095
> /usr/lib/R/library/grDevices/libs/grDevices.so
> 00130000-00181000 r-xp 00000000 fd:00 16976568
> /usr/lib/R/library/stats/libs/stats.so
> 00181000-00183000 rwxp 00051000 fd:00 16976568
> /usr/lib/R/library/stats/libs/stats.so
> 00339000-00352000 r-xp 00000000 fd:00 15959326   /usr/lib/R/modules/R_X11.so
> 00352000-00353000 rwxp 00018000 fd:00 15959326   /usr/lib/R/modules/R_X11.so
> 00353000-0035f000 rwxp 00353000 00:00 0
> 00480000-00496000 r-xp 00000000 fd:00 15303387   /usr/lib/gconv/SJIS.so
> 00496000-00498000 rwxp 00015000 fd:00 15303387   /usr/lib/gconv/SJIS.so
> 0056e000-00598000 r-xp 00000000 fd:00 16452204   /usr/lib/R/lib/libRblas.so
> 00598000-00599000 rwxp 00029000 fd:00 16452204   /usr/lib/R/lib/libRblas.so
> 00848000-00851000 r-xp 00000000 fd:00 15204401   /lib/libnss_files-2.4.so
> 00851000-00852000 r-xp 00008000 fd:00 15204401   /lib/libnss_files-2.4.so
> 00852000-00853000 rwxp 00009000 fd:00 15204401   /lib/libnss_files-2.4.so
> 00885000-00abd000 r-xp 00000000 fd:00 16452203   /usr/lib/R/lib/libR.so
> 00abd000-00aca000 rwxp 00238000 fd:00 16452203   /usr/lib/R/lib/libR.so
> 00aca000-00b61000 rwxp 00aca000 00:00 0
> 00c47000-00c4d000 r-xp 00000000 fd:00 16944203
> /usr/lib/R/library/methods/libs/methods.so
> 00c4d000-00c4e000 rwxp 00005000 fd:00 16944203
> /usr/lib/R/library/methods/libs/methods.so
> 00eb6000-00f31000 r-xp 00000000 fd:00 15242987
> /usr/lib/libgfortran.so.1.0.0
> 00f31000-00f32000 rwxp 0007b000 fd:00 15242987
> /usr/lib/libgfortran.so.1.0.0
> 00f44000-00f45000 r-xp 00000000 fd:00 15303344   /usr/lib/gconv/ISO8859-1.so
> 00f45000-00f47000 rwxp 00000000 fd:00 15303344   /usr/lib/gconv/ISO8859-1.so
> 08048000-08049000 r-xp 00000000 fd:00 15796032   /usr/lib/R/bin/exec/R
> 08049000-0804a000 rwxp 00000000 fd:00 15796032   /usr/lib/R/bin/exec/R
> 09ef7000-0af9f000 rwxp 09ef7000 00:00 0          [heap]
> 49c08000-49c09000 r-xp 49c08000 00:00 0          [vdso]
> 49c09000-49c22000 r-xp 00000000 fd:00 15206828   /lib/ld-2.4.so
> 49c22000-49c23000 r-xp 00018000 fd:00 15206828   /lib/ld-2.4.so
> 49c23000-49c24000 rwxp 00019000 fd:00 15206828   /lib/ld-2.4.so
> 49c26000-49d53000 r-xp 00000000 fd:00 15206829   /lib/libc-2.4.so
> 49d53000-49d55000 r-xp 0012d000 fd:00 15206829   /lib/libc-2.4.so
> 49d55000-49d56000 rwxp 0012f000 fd:00 15206829   /lib/libc-2.4.so
> 49d56000-49d59000 rwxp 49d56000 00:00 0
> 49d5b000-49d7e000 r-xp 00000000 fd:00 15206830   /lib/libm-2.4.so
> 49d7e000-49d7f000 r-xp 00022000 fd:00 15206830   /lib/libm-2.4.so
> 49d7f000-49d80000 rwxp 00023000 fd:00 15206830   /lib/libm-2.4.so
> 49d82000-49d84000 r-xp 00000000 fd:00 15206831   /lib/libdl-2.4.so
> 49d84000-49d85000 r-xp 00001000 fd:00 15206831   /Aborted
>
> I am using R 2.4.0 i386 on Fedora core 5, any one please help me on this?
>
> Thank you very much.
>
>         [[alternative HTML version deleted]]
>
> ______________________________________________
> R-help at stat.math.ethz.ch mailing list
> https://stat.ethz.ch/mailman/listinfo/r-help
> PLEASE do read the posting guide http://www.R-project.org/posting-guide.html
> and provide commented, minimal, self-contained, reproducible code.
>
>
>


-- 
EI-JI Nakama  <nakama at ki.rim.or.jp>
"\u4e2d\u9593\u6804\u6cbb"  <nakama at ki.rim.or.jp>



