Debian Bug report logs - #315120
apt-spy: segfault with updated mirror list

version graph

Package: apt-spy; Maintainer for apt-spy is Stefano Canepa <sc@linux.it>; Source for apt-spy is src:apt-spy.

Reported by: Nathan Conrad <conrad@bungled.net>

Date: Mon, 20 Jun 2005 17:48:02 UTC

Severity: grave

Tags: patch

Found in versions 3.1-13, apt-spy/3.1-14

Done: Stephen Stafford <bagpuss@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Stephen Stafford <bagpuss@debian.org>:
Bug#315120; Package apt-spy. Full text and rfc822 format available.

Acknowledgement sent to Nathan Conrad <conrad@bungled.net>:
New Bug report received and forwarded. Copy sent to Stephen Stafford <bagpuss@debian.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Nathan Conrad <conrad@bungled.net>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: apt-spy: segfault with updated mirror list
Date: Mon, 20 Jun 2005 13:36:15 -0400
Package: apt-spy
Version: 3.1-13
Severity: important

Apt-spy segfaults when searching for a fast mirror.

Reproducable on both i386 and PPC:

1) Install apt-spy
2) apt-spy update
3) apt-spy -d testing -o /tmp/test.out
4) apt-spy segfaults
-Nathan

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (500, 'testing'), (1, 'experimental')
Architecture: powerpc (ppc)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.4.25-ben1
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)

Versions of packages apt-spy depends on:
ii  libc6                       2.3.2.ds1-22 GNU C Library: Shared libraries an
ii  libcurl3                    7.13.2-2     Multi-protocol file transfer libra

-- no debconf information



Severity set to `grave'. Request was from Stephen Stafford <ssta@linuxops.net> to control@bugs.debian.org. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Stephen Stafford <bagpuss@debian.org>:
Bug#315120; Package apt-spy. Full text and rfc822 format available.

Acknowledgement sent to Steve Langasek <vorlon@debian.org>:
Extra info received and forwarded to list. Copy sent to Stephen Stafford <bagpuss@debian.org>. Full text and rfc822 format available.

Message #12 received at 315120@bugs.debian.org (full text, mbox):

From: Steve Langasek <vorlon@debian.org>
To: 315120@bugs.debian.org
Subject: Re: apt-spy: segfault with updated mirror list
Date: Thu, 7 Jul 2005 01:56:22 -0700
[Message part 1 (text/plain, inline)]
I can't seem to reproduce this bug with an etch system (or at least, it
takes a very long time testing mirrors -- hours -- before it segfaults).
Is this bug actually confirmed?

Thanks,
-- 
Steve Langasek
postmodern programmer
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Stephen Stafford <bagpuss@debian.org>:
Bug#315120; Package apt-spy. Full text and rfc822 format available.

Acknowledgement sent to Masami Ichikawa <hangar-18@mub.biglobe.ne.jp>:
Extra info received and forwarded to list. Copy sent to Stephen Stafford <bagpuss@debian.org>. Full text and rfc822 format available.

Message #17 received at 315120@bugs.debian.org (full text, mbox):

From: Masami Ichikawa <hangar-18@mub.biglobe.ne.jp>
To: 315120@bugs.debian.org
Subject: Re: Re: apt-spy: segfault with updated mirror list
Date: Fri, 08 Jul 2005 20:25:40 +0900
Hi.

I could reproduce this bug.(using sid)

I rebuild apt-spy, without dh_string.

It's log.

[masami@debian:/home/masami]$ dpkg -l | grep apt-spy
ii  apt-spy                                      3.1-13
writes a sources.list file based on bandwidth tests
[masami@debian:/home/masami/hoge/apt-spy-3.1]$ sudo apt-spy update
Updating...
Grabbing file http://http.us.debian.org/debian/README.mirrors.txt...
Update complete. Exiting.
[masami@debian:/home/masami/hoge/apt-spy-3.1]$ gdb /usr/bin/apt-spy
GNU gdb 6.3-debian
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-linux"...Using host libthread_db
library "/lib/tls/libthread_db.so.1".

(gdb) directory .
Source directories searched: /home/masami/hoge/apt-spy-3.1:$cdir:$cwd
(gdb) r -d testing -o /tmp/test.out
Starting program: /usr/bin/apt-spy -d testing -o /tmp/test.out

Program received signal SIGSEGV, Segmentation fault.
0xb7edeece in mallopt () from /lib/tls/libc.so.6
(gdb) bt
#0  0xb7edeece in mallopt () from /lib/tls/libc.so.6
#1  0xb7edddcb in free () from /lib/tls/libc.so.6
#2  0x0804a15e in build_area_file (config_p=0x804dca0, infile_p=0x804db20,
    mirror_list=0x804d9b8, area=0x804c640 "ALL") at parse.c:103
#3  0x08049c35 in main (argc=0, argv=0xbffff7e8) at main.c:240
(gdb) frame 2
#2  0x0804a15e in build_area_file (config_p=0x804dca0, infile_p=0x804db20,
    mirror_list=0x804d9b8, area=0x804c640 "ALL") at parse.c:103
103                             free(inputline);
(gdb) list
98
99                      while ((inputline = get_mirrors(mirror_list)) !=
NULL) {
100
101                             /* We now write the line to the
temporary file */
102                             fputs(inputline, infile_p);
103                             free(inputline);
104
105                             if ((ferror(infile_p)) != 0) {  /* Check
for file error */
106                                     free(line);
107                                     return 1;
(gdb) p inputline
$1 = 0x80db8d8
"linux.sarang.net:/mirror/os/linux/distribution/debian/:/ftp/mirror/os/linux/distribution/debian/i386:\n"
(gdb) printf "%d\n", strlen(inputline)
102
(gdb)

inputline was allocated by get_mirrors().
(100bytes allocated)
but, inputline has 102 bytes character.
100bytes is not enough buffer size.

sorry my English is not enough.
thanks.
-- 
/*
 * Masami Ichikawa
 * mailto: hangar-18@mub.biglobe.ne.jp
 */



Information forwarded to debian-bugs-dist@lists.debian.org, Stephen Stafford <bagpuss@debian.org>:
Bug#315120; Package apt-spy. Full text and rfc822 format available.

Acknowledgement sent to Stephen Stafford <ssta@linuxops.net>:
Extra info received and forwarded to list. Copy sent to Stephen Stafford <bagpuss@debian.org>. Full text and rfc822 format available.

Message #22 received at 315120@bugs.debian.org (full text, mbox):

From: Stephen Stafford <ssta@linuxops.net>
To: Steve Langasek <vorlon@debian.org>, 315120@bugs.debian.org
Subject: Re: Bug#315120: apt-spy: segfault with updated mirror list
Date: Fri, 08 Jul 2005 16:57:18 +0100
Quoting Steve Langasek <vorlon@debian.org>:

> I can't seem to reproduce this bug with an etch system (or at least, it
> takes a very long time testing mirrors -- hours -- before it segfaults).
> Is this bug actually confirmed?
>

Hi Steve,

I've confirmed it with sarge and sid.  You can shorten the time it takes to
check mirrors with "-e 3" or similar.  However you should see the segfault
before any mirrors are tested since it's happening during the parsing of the
mirror list.  Did you "apt-spy update" before trying?

ssta@eprdocs:~$ apt-spy -d foo -o foo.list
Segmentation fault

The problem appears to be that the format of the README.mirrors.txt file has
changed to add an "architectures" column.  Unfortunately, due to a chronic
attack of Real Life[tm] I've not had a chance to chase it properly.

We may have to change the format of the mirrors file back (which will 'fix' it
trivially), or keep the new format, but with a new name.  Again this will 'fix'
it trivially.

I wasn't aware that the team responsible for that file were going to change the
format, so I wasn't watching for this.  Apologies for lack of vigilance.

I'll do my best to find time to chase this and come up with a fix next week.

Cheers,
Stephen

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.



Information forwarded to debian-bugs-dist@lists.debian.org, Stephen Stafford <bagpuss@debian.org>:
Bug#315120; Package apt-spy. Full text and rfc822 format available.

Acknowledgement sent to Steve Langasek <vorlon@debian.org>:
Extra info received and forwarded to list. Copy sent to Stephen Stafford <bagpuss@debian.org>. Full text and rfc822 format available.

Message #27 received at 315120@bugs.debian.org (full text, mbox):

From: Steve Langasek <vorlon@debian.org>
To: Stephen Stafford <ssta@linuxops.net>
Cc: 315120@bugs.debian.org
Subject: Re: Bug#315120: apt-spy: segfault with updated mirror list
Date: Fri, 8 Jul 2005 14:09:16 -0700
[Message part 1 (text/plain, inline)]
On Fri, Jul 08, 2005 at 04:57:18PM +0100, Stephen Stafford wrote:
> Quoting Steve Langasek <vorlon@debian.org>:

> > I can't seem to reproduce this bug with an etch system (or at least, it
> > takes a very long time testing mirrors -- hours -- before it segfaults).
> > Is this bug actually confirmed?

> Hi Steve,

> I've confirmed it with sarge and sid.  You can shorten the time it takes to
> check mirrors with "-e 3" or similar.  However you should see the segfault
> before any mirrors are tested since it's happening during the parsing of the
> mirror list.  Did you "apt-spy update" before trying?

Aha, I guess I missed the apt-spy update step.  Yep, perfectly reproducible
here now as well.

> ssta@eprdocs:~$ apt-spy -d foo -o foo.list
> Segmentation fault
> 
> The problem appears to be that the format of the README.mirrors.txt file has
> changed to add an "architectures" column.  Unfortunately, due to a chronic
> attack of Real Life[tm] I've not had a chance to chase it properly.
> 
> We may have to change the format of the mirrors file back (which will 'fix' it
> trivially), or keep the new format, but with a new name.  Again this will 'fix'
> it trivially.
> 
> I wasn't aware that the team responsible for that file were going to change the
> format, so I wasn't watching for this.  Apologies for lack of vigilance.
> 
> I'll do my best to find time to chase this and come up with a fix next week.

I think there is other software in sarge that already uses this architecture
field, unfortunately.  Perhaps it would be easier to get an apt-spy update
into sarge that supports the new format.

Cheers,
-- 
Steve Langasek
postmodern programmer
[signature.asc (application/pgp-signature, inline)]

Tags added: sid, etch, sarge Request was from Justin Pryzby <justinpryzby@users.sourceforge.net> to control@bugs.debian.org. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Stephen Stafford <bagpuss@debian.org>:
Bug#315120; Package apt-spy. Full text and rfc822 format available.

Acknowledgement sent to Justin Pryzby <justinpryzby@users.sourceforge.net>:
Extra info received and forwarded to list. Copy sent to Stephen Stafford <bagpuss@debian.org>. Full text and rfc822 format available.

Message #34 received at 315120@bugs.debian.org (full text, mbox):

From: Justin Pryzby <justinpryzby@users.sourceforge.net>
To: 315120@bugs.debian.org, control@bugs.debian.org
Subject: fixed with my patch
Date: Sat, 9 Jul 2005 19:49:26 -0400
tags 315120 patch
thanks

This SEGV is fixed with my patch to #317591.

Justin



Tags added: patch Request was from Justin Pryzby <justinpryzby@users.sourceforge.net> to control@bugs.debian.org. Full text and rfc822 format available.

Tags removed: sarge, sid, etch Request was from Justin Pryzby <justinpryzby@users.sf.net> to control@bugs.debian.org. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Stephen Stafford <bagpuss@debian.org>:
Bug#315120; Package apt-spy. Full text and rfc822 format available.

Acknowledgement sent to Nico Golde <nico@ngolde.de>:
Extra info received and forwarded to list. Copy sent to Stephen Stafford <bagpuss@debian.org>.

Your message did not contain a Subject field. They are recommended and useful because the title of a Bug is determined using this field. Please remember to include a Subject field in your messages in future.

Full text and rfc822 format available.


Message #43 received at 315120@bugs.debian.org (full text, mbox):

From: Nico Golde <nico@ngolde.de>
To: 315120@bugs.debian.org
Date: Sat, 8 Oct 2005 16:54:06 +0200
[Message part 1 (text/plain, inline)]
hi,
what about this bug? no new package in the wild?
regards nico

-- 
Nico Golde - JAB: nion@jabber.ccc.de | GPG: 0x73647CFF
http://www.ngolde.de | http://www.muttng.org | http://grml.org 
$ route add default roma.it
[Message part 2 (application/pgp-signature, inline)]

Reply sent to Stephen Stafford <bagpuss@debian.org>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to Nathan Conrad <conrad@bungled.net>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #48 received at 315120-close@bugs.debian.org (full text, mbox):

From: Stephen Stafford <bagpuss@debian.org>
To: 315120-close@bugs.debian.org
Subject: Bug#315120: fixed in apt-spy 3.1-14
Date: Sun, 16 Oct 2005 06:02:07 -0700
Source: apt-spy
Source-Version: 3.1-14

We believe that the bug you reported is fixed in the latest version of
apt-spy, which is due to be installed in the Debian FTP archive:

apt-spy_3.1-14.diff.gz
  to pool/main/a/apt-spy/apt-spy_3.1-14.diff.gz
apt-spy_3.1-14.dsc
  to pool/main/a/apt-spy/apt-spy_3.1-14.dsc
apt-spy_3.1-14_i386.deb
  to pool/main/a/apt-spy/apt-spy_3.1-14_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 315120@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Stephen Stafford <bagpuss@debian.org> (supplier of updated apt-spy package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 16 Oct 2005 12:42:22 +0000
Source: apt-spy
Binary: apt-spy
Architecture: source i386
Version: 3.1-14
Distribution: unstable
Urgency: low
Maintainer: Stephen Stafford <bagpuss@debian.org>
Changed-By: Stephen Stafford <bagpuss@debian.org>
Description: 
 apt-spy    - writes a sources.list file based on bandwidth tests
Closes: 315120 317585 317586 317588 317589 317593
Changes: 
 apt-spy (3.1-14) unstable; urgency=low
 .
   [ ssta ]
   * Change build-depends on libcurl3-dev to libcurl3-openssl-dev
   * Apply some patches from Justin Pryzby (Thanks Justin, apologies it's
     taken me so long!)
     - Patch to fix the mirror file screwup which caused apy-spy to segfault
       every time. It removes some arbitrary limits. (Closes: #315120 #317591)
     - Change the malloc of country_file so it's not mallocing its own length
       (Closes: #317585)
     - Apply patch which uses sprintf instead of strncat in file.c
       (Closes: #317589)
     - Apply patch to fix small memory leak (Closes: #317593)
     - s/LICENSE/COPYRIGHT/ in *.c  (Closes: #317588)
     - add a break statement to write_top() (Closes: #317586)
 .
   [ Stephen Stafford ]
   *
Files: 
 a8b43929c3984137e04e15dde12944c7 583 admin optional apt-spy_3.1-14.dsc
 ff44795fc807c7314cf50d01aa00f6b1 23405 admin optional apt-spy_3.1-14.diff.gz
 7dd766a5f5c80e42f5315e9ed15bc1a0 28276 admin optional apt-spy_3.1-14_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDUkxPFwmY7Xa4pD0RAi2UAKCLM75cT+l1Q1Sy+RJ3/DIiUIwffgCeKRw4
oQ27hPOgDkqqUSHHZZiCBWo=
=C8Oi
-----END PGP SIGNATURE-----




Information forwarded to debian-bugs-dist@lists.debian.org, DebianBugs@TopQuark.net, Stephen Stafford <bagpuss@debian.org>:
Bug#315120; Package apt-spy. Full text and rfc822 format available.

Acknowledgement sent to Paul Donohue <DebianBugs@TopQuark.net>:
Extra info received and forwarded to list. Copy sent to DebianBugs@TopQuark.net, Stephen Stafford <bagpuss@debian.org>. Full text and rfc822 format available.

Message #53 received at 315120@bugs.debian.org (full text, mbox):

From: Paul Donohue <DebianBugs@TopQuark.net>
To: Debian Bug Tracking System <315120@bugs.debian.org>
Subject: apt-spy: still segfaulting...
Date: Wed, 11 Jan 2006 12:03:15 -0500
Package: apt-spy
Version: 3.1-14
Followup-For: Bug #315120


apt-spy still seems to be having problems:

$ apt-spy -d testing -s US -o ./sources.list

SERVER: ftp.us.debian.org
Benchmarking FTP...
                Downloaded 30845091 bytes in 15.13 seconds
                Download speed: 1990.31 kB/sec
Benchmarking HTTP...
                Downloaded 30845091 bytes in 14.66 seconds
                Download speed: 2054.19 kB/sec
Segmentation fault
$

running 'apt-spy update' first doesn't seem to help

Reverting to 3.1-13 fixes the problem (assuming you don't run 'apt-spy update' again and trigger the segfault mentioned earlier).

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.15-1-686-smp
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages apt-spy depends on:
ii  libc6                         2.3.5-8    GNU C Library: Shared libraries an
ii  libcurl3                      7.15.1-1   Multi-protocol file transfer libra

apt-spy recommends no packages.

-- no debconf information



Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 17 Jun 2007 18:03:01 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Apr 17 15:35:45 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.