DeathHandler
Segmentation fault in Debug::addr2line
`strstr(line, "\n")` returns NULL if a newline is not found. Dereferencing without a NULL check causes a segmentation fault.
https://github.com/vmarkovtsev/DeathHandler/blob/911e4df429a89309b10111d76d232d4a7c2b5485/death_handler.cc#L438
https://github.com/vmarkovtsev/DeathHandler/blob/911e4df429a89309b10111d76d232d4a7c2b5485/death_handler.cc#L440
A bug in addr2line causes it to produce outputs such as the following for actually valid binaries:
addr2line: DWARF error: section .debug_info is larger than its filesize! (0x93ef57 vs 0x530ea0)\n
And for whatever reason, `line` will occasionally be read only partially through the pipe, e.g.:
addr2line: DWARF error: section .debug_info is larger than its filesize! (0x93ef57 vs 0x
I do not know whether the partial `read` is specifically related to this error or if it also happens with valid addr2line output. Either way, the partial `read` causes `line` not to have a trailing newline. Therefore, `strstr` returns NULL and the dereference of NULL + 1 causes a segmentation fault.
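An added example, not code from DeathHandler or from the issue author: one way to split addr2line output so that a missing newline is reported instead of dereferenced. The struct and function names are hypothetical, and the two-line layout (function name, then file:line, as `addr2line -f` prints) is an assumption about how the tool is invoked.

```cpp
#include <cstdio>
#include <cstring>

// Hypothetical result type: pointers into the caller's buffer.
struct Addr2LineFields {
  const char *function;  // first line of the output
  const char *location;  // second line, "file:line"
};

// Splits "function\nfile:line\n" in place. Returns false, leaving the buffer
// untouched, when either newline is missing (partial pipe read, or a
// one-line error message from addr2line).
bool split_addr2line_output(char *line, Addr2LineFields *out) {
  if (line == nullptr || out == nullptr) return false;

  char *first_nl = strchr(line, '\n');
  if (first_nl == nullptr) return false;  // the case that crashed: no newline

  char *second = first_nl + 1;            // safe: first_nl is non-NULL here
  char *second_nl = strchr(second, '\n');
  if (second_nl == nullptr) return false; // second line missing or truncated

  // Only mutate the buffer once both terminators are known to exist.
  *first_nl = '\0';
  *second_nl = '\0';
  out->function = line;
  out->location = second;
  return true;
}

int main() {
  // Constructed inputs: a well-formed reply and the truncated error line
  // quoted in the report above.
  char good[] = "main\n/src/app.cc:42\n";
  char partial[] = "addr2line: DWARF error: section .debug_info is larger "
                   "than its filesize! (0x93ef57 vs 0x";
  Addr2LineFields f{};
  if (split_addr2line_output(good, &f))
    printf("%s at %s\n", f.function, f.location);
  if (!split_addr2line_output(partial, &f))
    printf("unparseable addr2line output, skipping symbolization\n");
  return 0;
}
```

A caller that gets `false` can fall back to printing the raw address, which keeps the crash handler itself from faulting.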