Segfault on oversized script

Bug #23494 reported by Timothy Brownawell on 2005-10-08
Affects | Status | Importance | Assigned to | Milestone
mawk (Debian) | Fix Released | Unknown | |
mawk (Ubuntu) | | Medium | Ian Jackson |

Bug Description

In the following script (from autotest), "$at_groups_pattern" is a regex "or" of
numbers up to 284 (i.e., 1|2|3|...|283|284). This makes mawk segfault. I realize
that this is probably due to the "compile-time limits" mentioned in the package
description (it works fine with gawk), but it should fail in some way that's more
informative than a segfault.

awk 'BEGIN { FS = ";" }
         { if ($1 !~ /^('"$at_groups_pattern"')$/) next }
         { if ($1) printf " %3d: %-18s %s\n", $1, $2, $3
           if ($4) printf " %s\n", $4 } '

Confirmed. My copy of mawk 1.3.3-11ubuntu1 on Dapper exhibits this bug. Running the attached script as 'awk-test.sh gawk' works; running it as 'awk-test mawk' causes the crash.

Changed in mawk:
status: Unconfirmed → Confirmed

Quick test script to easily exhibit the bug. Run with argument "mawk" or "gawk" to select the version of awk to be used.

Actually, this is much simpler. Run 'mawk -f awk-test.awk' to get a segfault. I attempted a backtrace, but it failed:

Program received signal SIGSEGV, Segmentation fault.
0x08057726 in matherr ()
(gdb) bt
#0 0x08057726 in matherr ()
#1 0x0804b300 in ?? ()
#2 0xbfb06f04 in ?? ()
#3 0xbfb06e90 in ?? ()
#4 0xbfb06e78 in ?? ()
#5 0x0804cccb in ?? ()
#6 0x00000003 in ?? ()
#7 0xbfb06f04 in ?? ()
#8 0xbfb06e78 in ?? ()
#9 0x08059a1b in matherr ()
Previous frame inner to this frame (corrupt stack?)
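
An added example, not part of the original report or its attachments: a POSIX shell check that rebuilds the 284-way alternation described above, runs the report's awk program under a chosen interpreter, and reports whether it finished, exited with an error, or was killed by a signal. The function names and the two input records are constructed for illustration.

```shell
#!/bin/sh
# Added example: regression check for the crash described in this report.
# Function names and sample records are constructed for illustration.

# build_pattern N -> "1|2|...|N", the shape of $at_groups_pattern in the report.
build_pattern() {
    n=$1 i=1 pat=""
    while [ "$i" -le "$n" ]; do
        pat="${pat:+$pat|}$i"
        i=$((i + 1))
    done
    printf '%s\n' "$pat"
}

# classify_status CODE -> ok | error (exit N) | crash (signal N)
# bash and dash report death by signal as 128 + signal number (SIGSEGV = 11 -> 139).
classify_status() {
    if [ "$1" -eq 0 ]; then
        echo "ok"
    elif [ "$1" -gt 128 ]; then
        echo "crash (signal $(($1 - 128)))"
    else
        echo "error (exit $1)"
    fi
}

# check_awk AWK [N]: run the report's awk program with an N-way alternation
# over two constructed records and print how the interpreter terminated.
check_awk() {
    awk_bin=$1
    at_groups_pattern=$(build_pattern "${2:-284}")
    status=0
    printf '7;group seven;desc;\n999;not selected;desc;\n' |
        "$awk_bin" 'BEGIN { FS = ";" }
            { if ($1 !~ /^('"$at_groups_pattern"')$/) next }
            { if ($1) printf " %3d: %-18s %s\n", $1, $2, $3
              if ($4) printf " %s\n", $4 }' >/dev/null 2>&1 || status=$?
    classify_status "$status"
}

# Usage: sh awk-regex-check.sh mawk 284
if [ "$#" -gt 0 ]; then
    check_awk "$1" "${2:-284}"
fi
```

A result of "crash (signal 11)" corresponds to the segfault reported here; an "error" result is the more informative failure the reporter asks for.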

Ian Jackson (ijackson) wrote :

Fixed in 1.3.3-11ubuntu2

Changed in mawk:
status: Confirmed → Fix Released
Changed in mawk:
status: Unknown → Unconfirmed
Changed in mawk (Debian):
status: New → Confirmed
Changed in mawk (Debian):
status: Confirmed → Fix Released