gvfsd-http crashed with SIGSEGV in soup_str_case_hash()

Bug #216763 reported by Anders Pamdal on 2008-04-13
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
gvfs
Invalid
Undecided
Unassigned
libsoup
Fix Released
Critical
gvfs (Ubuntu)
Medium
Ubuntu Desktop Bugs
libsoup2.4 (Ubuntu)
Medium
Unassigned

Bug Description

Binary package hint: gvfs

Saved a document (html file) in bluefish webeditor v1.0.7

ProblemType: Crash
Architecture: amd64
Date: Sun Apr 13 14:21:03 2008
DistroRelease: Ubuntu 8.04
ExecutablePath: /usr/lib/gvfs/gvfsd-http
NonfreeKernelModules: ath_hal nvidia
Package: gvfs-backends 0.2.3-0ubuntu1
PackageArchitecture: amd64
ProcCmdline: /usr/lib/gvfs/gvfsd-http --spawner :1.4 /org/gtk/gvfs/exec_spaw/2
ProcEnviron:
 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
 LANG=sv_SE.UTF-8
 SHELL=/bin/bash
Signal: 11
SourcePackage: gvfs
StacktraceTop:
 soup_str_case_hash () from /usr/lib/libsoup-2.4.so.1
 soup_uri_host_hash () from /usr/lib/libsoup-2.4.so.1
 g_hash_table_lookup ()
 ?? () from /usr/lib/libsoup-2.4.so.1
 soup_session_get_connection ()
Title: gvfsd-http crashed with SIGSEGV in soup_str_case_hash()
Uname: Linux 2.6.24-16-generic x86_64
UserGroups: adm admin audio cdrom dialout dip floppy fuse lpadmin plugdev video
SegvAnalysis:
 Segfault happened at: 0x7f4e83cb5779 <soup_str_case_hash+9>: movsbl (%rdi),%edi
 PC (0x7f4e83cb5779) ok
 source "(%rdi)" (0x00000000) not located in a known VMA region (needed readable region)!
 destination "%edi" ok
SegvReason: reading NULL VMA

Anders Pamdal (anders-pamdal) wrote :

StacktraceTop:soup_uri_host_hash (key=<value optimized out>)
IA__g_hash_table_lookup (hash_table=0x62e2c0,
get_host_for_message (session=0x641830, msg=0x641970)
soup_session_get_connection (session=0x641830,
run_queue (sa=<value optimized out>)

Changed in gvfs:
importance: Undecided → Medium
Sebastien Bacher (seb128) wrote :

Thanks for your bug report. This bug has been reported to the developers of the software. You can track it and make comments here: http://bugzilla.gnome.org/show_bug.cgi?id=528882

Changed in gvfs:
assignee: nobody → desktop-bugs
status: New → Triaged
Changed in gvfs:
status: Unknown → New
Changed in gvfs:
status: New → Incomplete
Changed in libsoup2.4:
importance: Undecided → Medium
status: New → Triaged
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libsoup2.4 - 2.23.91-0ubuntu1

---------------
libsoup2.4 (2.23.91-0ubuntu1) intrepid; urgency=low

  * New upstream version:
    - Fixed a crash in gvfs [#528882], though there is still an unknown bug
      there. As part of this fix, libsoup will now return an error if you try
      to do an operation on a non-HTTP URI. (lp: #216763)
      (Previously it was just treating any URI scheme except "https" as HTTP.)
    - Added soup_date_to_timeval() for gvfs.
  * debian/rules:
    - updated shlibs version

 -- Sebastien Bacher <email address hidden> Tue, 02 Sep 2008 11:28:09 +0200

Changed in libsoup2.4:
status: Triaged → Fix Released
Sebastien Bacher (seb128) wrote :

upstream bug comment

"This crash can only happen if something is trying to use libsoup to request a
URI that (a) has no hostname, and (b) is not http or https.

"???"

I've fixed libsoup to be pickier about the URIs it accepts. But this might just
push the crash to somewhere else in gvfsd-http. (Previously
soup_message_new_with_uri() would never fail, even if you passed a completely
bogus URI. Now it can return NULL.)

Another possibility is that it's the webdav server's fault, because it's
returning a totally broken redirect like:

    HTTP/1.1 301 Moved Permanently
    Location: C:\Documents and Settings\blah\blah

Previously, that would have triggered this crash. Now it will just cause the
message to finish with status SOUP_STATUS_MALFORMED.

Reassigning back to gvfs and NEEDINFO'ing, since there's still going to be
*something* wrong when the reporter tries the new libsoup."

could you try using the new version?

Changed in gvfs:
status: Triaged → Incomplete
Changed in gvfs:
status: Incomplete → New
Changed in gvfs:
status: Incomplete → Triaged
Anders Pamdal (anders-pamdal) wrote :

Now it works... bug can be closed... Thanks..

Kees Cook (kees) on 2009-09-16
description: updated

Closing the wrong gvfs task.

Changed in gvfs (Ubuntu):
status: Triaged → Invalid
Changed in gvfs:
importance: Unknown → Undecided
status: New → Invalid
Changed in libsoup:
importance: Unknown → Critical
status: Unknown → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.