segfault in libconfuse when using include() in cfg_parse_buf
the following modified version (hello.c) of the "hello world" example
from the tutorial segfaults when run with the "--buffer" option, as
shown by the following backtrace from a Linux amd64 system:
Program received signal SIGSEGV, Segmentation fault.
0x0000000000404515 in cfg_yy_load_buffer_state () at lexer.c:1707
1707 (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_n_chars;
#0 0x0000000000404515 in cfg_yy_load_buffer_state () at lexer.c:1707
#1 0x0000000000404a9d in cfg_yy_switch_to_buffer (new_buffer=0x0) at
#2 0x0000000000404b3c in cfg_scan_string_end () at lexer.l:340
#3 0x0000000000403fe1 in cfg_parse_buf (cfg=<value optimized out>,
buf=0x60a310 "include (\"name.conf\")\n") at confuse.c:1088
#4 0x000000000040179c in main (argc=<value optimized out>,
argv=0x7fff13cd3108) at hello.c:33
the obvious patch avoids the segfault but interrupts the configuration
processing after the include is completed and is therefore incorrect:
looking at the cfg_include code it would seem that most of it is designed
to manipulate file buffers, and therefore string manipulation (especially
as used in cfg_scan_string_*) for memory buffers isn't expected to be used
in this context.
could anyone with better insight into libconfuse internals comment?
and if that is the case, is there a better way to signal an error other
than a segfault?
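As an added illustration (not code from this thread or from libconfuse), the following simplified model of flex's generated buffer switching shows where the NULL dereference in frames #0 and #1 of the backtrace comes from and how a guarded switch could hand back an error code instead of crashing. The structure and field names only mimic flex's, and the assumption that cfg_scan_string_end switches back to whatever buffer was current before the string scan (NULL when cfg_parse_buf is the entry point) is inferred from the backtrace, not taken from libconfuse's source.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Simplified model of flex's generated buffer handling, written for this
 * thread. It is NOT libconfuse's lexer; the names mimic flex's so the
 * backtrace (yy_n_chars, YY_CURRENT_BUFFER_LVALUE) is easy to map onto it.
 */
typedef struct {
    const char *yy_ch_buf;   /* buffered text */
    size_t      yy_n_chars;  /* bytes in the buffer */
} buffer_state;

typedef struct {
    buffer_state *yy_current_buffer;  /* what YY_CURRENT_BUFFER_LVALUE names */
    size_t        yy_n_chars;         /* scanner-global copy loaded from the buffer */
    const char   *yy_c_buf_p;         /* current read pointer */
} scanner;

/*
 * Stands in for yy_load_buffer_state(). The generated code reads
 *     (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_n_chars;
 * unconditionally, which is the NULL dereference at lexer.c:1707 in the
 * backtrace. Here the NULL case is reported with -1 instead.
 */
static int load_buffer_state(scanner *s)
{
    if (s->yy_current_buffer == NULL)
        return -1;
    s->yy_n_chars = s->yy_current_buffer->yy_n_chars;
    s->yy_c_buf_p = s->yy_current_buffer->yy_ch_buf;
    return 0;
}

/*
 * Stands in for yy_switch_to_buffer(). Generated flex code only checks
 * "already current" before installing new_buffer, so a NULL argument (frame
 * #1: new_buffer=0x0) reaches the load step. The guard below turns that into
 * an error the caller can report.
 */
static int switch_to_buffer(scanner *s, buffer_state *new_buffer)
{
    if (new_buffer == NULL)
        return -1;
    if (s->yy_current_buffer == new_buffer)
        return 0;
    s->yy_current_buffer = new_buffer;
    return load_buffer_state(s);
}

/* Like yy_scan_string(): wraps an in-memory string in a buffer. */
static buffer_state *scan_string(const char *str)
{
    buffer_state *b = malloc(sizeof *b);
    if (b == NULL)
        return NULL;
    b->yy_ch_buf = str;
    b->yy_n_chars = strlen(str);
    return b;
}

/*
 * Replays the end of a string scan under the assumption (mine, from the
 * backtrace) that cfg_scan_string_end restores the buffer that was current
 * before the string was scanned. With cfg_parse_buf as the entry point no
 * buffer was current before, so "previous" is NULL.
 * Returns 0 when the scanner ends in a valid buffer, -1 when the restore
 * would have installed a NULL buffer.
 */
static int end_string_scan(const char *config, buffer_state *previous)
{
    scanner s = { previous, 0, NULL };
    buffer_state *str_buf;
    int rc;

    if (previous != NULL && load_buffer_state(&s) != 0)
        return -1;
    str_buf = scan_string(config);
    if (str_buf == NULL)
        return -1;
    if (switch_to_buffer(&s, str_buf) != 0) {
        free(str_buf);
        return -1;
    }
    /* ... tokens, including the include() statement, would be consumed here ... */

    rc = switch_to_buffer(&s, previous);   /* the cfg_scan_string_end step */
    free(str_buf);
    return rc;
}

int main(void)
{
    /* Constructed inputs: the buffer text from frame #3, and a made-up outer buffer. */
    buffer_state outer = { "# outer config\n", 15 };
    int from_buf = end_string_scan("include (\"name.conf\")\n", NULL);
    int nested   = end_string_scan("include (\"name.conf\")\n", &outer);
    printf("cfg_parse_buf style (no previous buffer): %d\n", from_buf);
    printf("string scanned inside another buffer:     %d\n", nested);
    return 0;
}
```

The point of the model is the contrast: with the unguarded generated code the first case is the SIGSEGV in the backtrace, while the guarded version gives the caller a value it can turn into a parse error.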
[RFC] avoid segfault when using include while cfg_parse_buf
In reply to this post by Carlo Marcelo Arenas Belon
the following prevents the segfault reported in this thread (tested with
trunk in Fedora 10 x86) and avoids the truncated parsing of the
configuration file, restoring functionality (at least for the test case).
it strangely partially reverts a change committed in version 1.9 of the
lexer, whose log says:
"fixed segfault with include-files and parsing from strings"
does anyone have any comments on this that could help verify that whatever
was fixed at that time is not regressed by this fix?