Segfault on oversized script

Bug #23494 reported by Timothy Brownawell
Affects | Status | Importance | Assigned to | Milestone
mawk (Debian) | Fix Released | Unknown | |
mawk (Ubuntu) | Fix Released | Medium | Ian Jackson |

Bug Description

In the following script (from autotest), "$at_groups_pattern" is a regex "or" of
numbers up to 284 (i.e., 1|2|3|...|283|284). This makes mawk segfault. I realize
that this is probably due to the "compile-time limits" mentioned in the package
description (it works fine with gawk), but it should fail in some way that's more
informative than a segfault.

awk 'BEGIN { FS = ";" }
         { if ($1 !~ /^('"$at_groups_pattern"')$/) next }
         { if ($1) printf " %3d: %-18s %s\n", $1, $2, $3
           if ($4) printf " %s\n", $4 } '

Adam Buchbinder (adam-buchbinder) wrote :

Confirmed. My copy of mawk 1.3.3-11ubuntu1 on Dapper exhibits this bug. Running the attached script as 'awk-test.sh gawk' works; running it as 'awk-test mawk' causes the crash.

Changed in mawk:
status: Unconfirmed → Confirmed
Adam Buchbinder (adam-buchbinder) wrote : awk-test.sh

Quick test script to easily exhibit the bug. Run with argument "mawk" or "gawk" to select the version of awk to be used.

Adam Buchbinder (adam-buchbinder) wrote : awk-test.awk

Actually, this is much simpler. Run 'mawk -f awk-test.awk' to get a segfault. I attempted a backtrace, but it failed:

Program received signal SIGSEGV, Segmentation fault.
0x08057726 in matherr ()
(gdb) bt
#0 0x08057726 in matherr ()
#1 0x0804b300 in ?? ()
#2 0xbfb06f04 in ?? ()
#3 0xbfb06e90 in ?? ()
#4 0xbfb06e78 in ?? ()
#5 0x0804cccb in ?? ()
#6 0x00000003 in ?? ()
#7 0xbfb06f04 in ?? ()
#8 0xbfb06e78 in ?? ()
#9 0x08059a1b in matherr ()
Previous frame inner to this frame (corrupt stack?)

Ian Jackson (ijackson) wrote :

Fixed in 1.3.3-11ubuntu2

Changed in mawk:
status: Confirmed → Fix Released
Changed in mawk:
status: Unknown → Unconfirmed
Changed in mawk (Debian):
status: New → Confirmed
Changed in mawk (Debian):
status: Confirmed → Fix Released
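
An added regression check for the failure described in this report (not Adam Buchbinder's attached awk-test.sh, which this page does not show, and not project code): it rebuilds a 1|2|...|N alternation, runs the report's awk program under a chosen interpreter, and reports whether the interpreter exited cleanly, exited with an error, or was killed by a signal. The function names, the script name check.sh and the two sample input lines are constructed for this example.

```shell
#!/bin/sh
# Added example: regression check for the oversized-alternation crash.

# Build "1|2|...|N", the shape of $at_groups_pattern in the report.
build_pattern() {
    last=$1 i=1 pat=""
    while [ "$i" -le "$last" ]; do
        pat="${pat:+$pat|}$i"
        i=$((i + 1))
    done
    printf '%s' "$pat"
}

# Statuses above 128 mean the child was killed by signal (status - 128),
# e.g. 139 for SIGSEGV.
classify_status() {
    if [ "$1" -eq 0 ]; then echo "ok"
    elif [ "$1" -gt 128 ]; then echo "killed-by-signal-$(($1 - 128))"
    else echo "error-exit-$1"
    fi
}

# Run the report's awk program under interpreter $1 with an N-way pattern.
# The two input lines are constructed: group 2 must be kept, 999 dropped.
check_awk() {
    pat=$(build_pattern "$2")
    status=0
    out=$(printf '%s\n' '2;title;desc;' '999;other;desc;' |
        "$1" 'BEGIN { FS = ";" }
         { if ($1 !~ /^('"$pat"')$/) next }
         { if ($1) printf " %3d: %-18s %s\n", $1, $2, $3
           if ($4) printf " %s\n", $4 } ' 2>/dev/null) || status=$?
    verdict=$(classify_status "$status")
    if [ "$verdict" = ok ]; then
        case $out in
            *other*) verdict="wrong-output" ;;
            *title*) ;;
            *) verdict="wrong-output" ;;
        esac
    fi
    echo "$verdict"
}

# Usage (check.sh is a placeholder name): sh check.sh mawk [284]
if [ $# -ge 1 ]; then
    check_awk "$1" "${2:-284}"
fi
```

A verdict of killed-by-signal-11 corresponds to the segfault in the report; an interpreter that hits a compile-time limit but handles it would show error-exit instead.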