drizzle is racist with LANG=it_IT.UTF-8

Hi Vivo!

Did you mean to use the term "racist"? More information about the stacktrace would be useful. Also, please let us know your operating system, platform, hardware arch, GCC version.

Thanks!

Jay

Hi Jay,
  yes it was meant, possibly I need to debug my humour first.

Look like that the last bzr version is not affected, or, maybe it's triggered only after make install:

buildbot@desktop-monfi ~/slave/build31/pbuild/client $ env -i LANG=it_IT.UTF-8 ./drizzle
Welcome to the Drizzle client.. Commands end with ; or \g.
Your Drizzle connection id is 3
Server version: 2009.07.1100 Source distribution (development)

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

drizzle>
drizzle> Bye

Tomorrow I'll go a bit deeper on this

vivo wrote:
> Hi Jay,
> yes it was meant, possibly I need to debug my humour first.

I thought it was funny, myself.

> Look like that the last bzr version is not affected, or, maybe it's
> triggered only after make install:

But the thing below isn't actually using the po files... it's in English.

I'll also poke around to see if I can figure out why we hate Italians.
Such prejudice should be removed. :)

> buildbot@desktop-monfi ~/slave/build31/pbuild/client $ env -i LANG=it_IT.UTF-8 ./drizzle
> Welcome to the Drizzle client.. Commands end with ; or \g.
> Your Drizzle connection id is 3
> Server version: 2009.07.1100 Source distribution (development)
>
> Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
>
> drizzle>
> drizzle> Bye
>
> Tomorrow I'll go a bit deeper on this
>

Tryed a debug build, but no clue

vivo@desktop-monfi ~/tmp/drizzle $ gdb drizzle
GNU gdb 6.8
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu"...
(gdb) run
Starting program: /usr/bin/drizzle
[Thread debugging using libthread_db enabled]
Benvenuto al client Drizzle. I comandi terminano con ; o \G.
L'identificativo della tua connessione Drizzle è 2
La versione del server 2009.07.1098 Source distribution (trunk)

*** buffer overflow detected ***: /usr/bin/drizzle terminated
[New Thread 0x7fb00852d710 (LWP 2784)]
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x37)[0x3bf4afbaf7]
/lib/libc.so.6[0x3bf4af9a30]
<snip, same as before>
7fb008746000-7fb008747000 rw-p 00000000 00:00 0
7fb008747000-7fb00882d000 r-xp 00000000 09:01 725094 /usr/lib64/gcc/x86_64-pc-linux-gnu/4.4.1/libstdc++.so.6.0.12
Program received signal SIGABRT, Aborted.
[Switching to Thread 0x7fb00852d710 (LWP 2784)]
0x0000003bf4a33855 in raise () from /lib/libc.so.6
(gdb) help bt
Print backtrace of all stack frames, or innermost COUNT frames.
With a negative argument, print outermost -COUNT frames.
Use of the 'full' qualifier also prints the values of the local variables.

(gdb) bt full
#0 0x0000003bf4a33855 in raise () from /lib/libc.so.6
No symbol table info available.
#1 0x0000003bf4a350ca in abort () from /lib/libc.so.6
No symbol table info available.
#2 0x0000003bf4a71b4d in ?? () from /lib/libc.so.6
No symbol table info available.
#3 0x0000003bf4afbaf7 in __fortify_fail () from /lib/libc.so.6
No symbol table info available.
#4 0x0000003bf4af9a30 in __chk_fail () from /lib/libc.so.6
No symbol table info available.
#5 0x0000003bf4af8d99 in ?? () from /lib/libc.so.6
No symbol table info available.
#6 0x0000003bf4a75d78 in _IO_default_xsputn () from /lib/libc.so.6
No symbol table info available.
#7 0x0000003bf4a48f81 in vfprintf () from /lib/libc.so.6
No symbol table info available.
#8 0x0000003bf4af8e3d in __vsprintf_chk () from /lib/libc.so.6
No symbol table info available.
#9 0x0000003bf4af8d7f in __sprintf_chk () from /lib/libc.so.6
No symbol table info available.
#10 0x000000000040cf24 in main (argc=1, argv=0xf24218) at /usr/include/bits/stdio2.h:35
        buff = "Scrivi 'help;' oppure '\\h' per l'aiuto. Premi '\\c' per cancellare lo storico de"
        command_error = <value optimized out>
        output_buff = <value optimized out>
(gdb) list
1137 {
1138 if (server_shutdown() == false)
1139 *error= 1;
1140 executed= true;
1141 }
1142 return executed;
1143 }
1144
1145 int main(int argc,char *argv[])
1146 {
(gdb)

confirmed for latest trunk:
Version: '2009.07.1103' Source distribution (development)

The bad line is really in main and it's a simple call to the translation function, it's possible that the po/it.po file should be sanitized? It's relevant part is this:

#: client/drizzle.cc:1319
msgid "Type 'help;' or '\\h' for help. Type '\\c' to clear the buffer.\n"
msgstr ""
"Scrivi 'help;' oppure '\\h' per l'aiuto. Premi '\\c' per cancellare lo "
"storico dei comandi.\n"

Breakpoint 1, main (argc=1, argv=0x1b8d218) at client/drizzle.cc:1284
1284 if (!status.batch && !quick)
(gdb) next
1287 if (getenv("DRIZZLE_HISTFILE"))
(gdb)
1289 else if (getenv("HOME"))
(gdb)
1291 histfile=(char*) malloc(strlen(getenv("HOME")) + strlen("/.drizzle_history") + 2);
(gdb)
1292 if (histfile)
(gdb)
1293 sprintf(histfile,"%s/.drizzle_history",getenv("HOME"));
(gdb)
35 __bos (__s), __fmt, __va_arg_pack ());
(gdb)
151 return __readlink_alias (__path, __buf, __len);
(gdb)
1296 if (sym_link_size >= 0)
(gdb)
1303 histfile= 0;
(gdb)
1307 if (histfile)
(gdb)
1309 if (verbose)
(gdb)
1311 read_history(histfile);
(gdb)
1312 if (!(histfile_tmp= (char*) malloc((uint32_t) strlen(histfile) + 5)))
(gdb)
35 __bos (__s), __fmt, __va_arg_pack ());
(gdb)
1321 _("Type 'help;' or '\\h' for help. Type '\\c' to clear the buffer.\n"));

info locals
buff = "��b\000\000\000\000\000)�A\000\000\000\000\000\n\000\000\000\000\000\000\000\200�A", '\0' <repeats 13 times>, "[G@\000\000\000\000\000P�\024�e\177\000\000��A\000\000\000\000\000�2\025�e\177\000\000\200�A\000\000\000\000"
command_error = <value optimized out>
output_buff = <value optimized out>

--- it.broken 2009-08-12 01:39:40.281275826 +0200
+++ it.po 2009-08-12 01:40:28.945270609 +0200
@@ -138,8 +138,6 @@
 #: client/drizzle.cc:1321
 msgid "Type 'help;' or '\\h' for help. Type '\\c' to clear the buffer.\n"
 msgstr ""
-"Scrivi 'help;' oppure '\\h' per l'aiuto. Premi '\\c' per cancellare lo "
-"storico dei comandi.\n"

 #: client/drizzle.cc:1340
 #, c-format

and soon after `gmake update-po`

does the trick for me

drizzle --port=3129 -u root
Benvenuto al client Drizzle. I comandi terminano con ; o \G.
L'identificativo della tua connessione Drizzle è 2
La versione del server 2009.08.1113 Source distribution (development)

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

drizzle>

The problem here is actually quite sad:

int main(int argc,char *argv[])
{
  char buff[80];

We define a statically sized buff, and then we sprintf into it without regard for size. The English translation of the phrase is under 80 characters, so it just works. The Italian, on the other hand, it 90 characters, so it produces a buffer overflow.

I'm fixing this right now.

mordred@orisndriz03:~/src/drizzle/bug405501$ export LANG=it_IT.UTF-8
mordred@orisndriz03:~/src/drizzle/bug405501$ drizzle -p9306
Benvenuto nel client Drizzle. I comandi terminano con ; o \g.
L'identificativo della tua connessione Drizzle è 15
La versione del server 2009.08.1126 Source distribution (bug405501)

Scrivi 'help;' oppure '\h' per l'aiuto. Premi '\c' per cancellare lo storico dei comandi.

drizzle> Arrivederci