mirror / wget

Wget Git mirror
GNU General Public License v3.0

Segmentation fault in pure IPv4 wget #12

Closed swapniil closed 4 years ago

swapniil commented 4 years ago

root@build-server-8:/home/smore/WGET/wget-1.18# ./src/wget -4 -np --limit-rate=100k --timeout=1 --delete-after --tries=1 --no-dns-cache --dns-servers=8.8.4.4 http://cpp.sh --bind-address=150.1.1.111 --bind-dns-address=150.1.1.111
--2020-06-13 23:12:27-- http://cpp.sh/
Resolving cpp.sh (cpp.sh)... 661 Total count = al1=0x2193d40, al2=0x600000077
662 Total count = al1=0x2193d40, al2=0x600000077
Segmentation fault (core dumped)

root@build-server-8:/home/smore/WGET/wget-1.18# !gdb
gdb ./src/wget core
GNU gdb (Debian 7.12-6) 7.12.0.20161007-git
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see: http://www.gnu.org/software/gdb/bugs/.
Find the GDB manual and other documentation resources online at: http://www.gnu.org/software/gdb/documentation/.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./src/wget...(no debugging symbols found)...done.
[New LWP 5232]
Core was generated by `./src/wget -4 -np --limit-rate=100k --timeout=1 --delete-after --tries=1 --no-d'.
Program terminated with signal SIGSEGV, Segmentation fault.

#0  0x0000000000416a3f in merge_address_lists ()
(gdb) bt
#0  0x0000000000416a3f in merge_address_lists ()
#1  0x000000000041717c in lookup_host ()
#2  0x000000000040451b in connect_to_host ()
#3  0x000000000041e1d9 in establish_connection ()
#4  0x000000000041f3a9 in gethttp ()
#5  0x000000000042180a in http_loop ()
#6  0x0000000000430795 in retrieve_url ()
#7  0x00000000004298ba in main ()
(gdb)

There are uninitialized struct address_list * in the lookup_host function. For v4-only queries on a Debian Jessie system we are getting a crash due to this.

Build-Steps:

./configure PKG_CONFIG_PATH="/usr/lib/x86_64-linux-gnu/pkgconfig/" GNUTLS_CFLAGS="-I/usr/include/" --without-ssl --with-cares
make clean;make

A patch has been sent with the mail header "Patch: Segmentation fault in pure IPv4 wget #12".

swapniil commented 4 years ago

Fixed commit ID e830f5f42b8103d5d7452b9756204df4047003f6
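The defect class reported above (two list pointers in a lookup routine, only one of which is assigned when a single address family is queried, then both passed to a merge routine) and its fix pattern, as an added C example. This is not wget's code or the submitted patch; `addr_list`, `list_new`, `merge_lists`, `lookup` and the sample address values are hypothetical names and constructed data.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for an address list; not wget's own definition. */
struct addr_list { int count; unsigned int *addrs; };

/* Allocate a list of n entries (n > 0), copying from src when src is non-NULL. */
static struct addr_list *list_new(const unsigned int *src, int n) {
  struct addr_list *l = malloc(sizeof *l);
  if (!l || !(l->addrs = calloc((size_t)n, sizeof *l->addrs))) abort();
  l->count = n;
  if (src) memcpy(l->addrs, src, (size_t)n * sizeof *l->addrs);
  return l;
}

static void list_free(struct addr_list *l) { if (l) { free(l->addrs); free(l); } }

/* NULL-tolerant merge: a NULL list means "that family was not queried". */
static struct addr_list *merge_lists(const struct addr_list *a, const struct addr_list *b) {
  int na = a ? a->count : 0, nb = b ? b->count : 0;
  struct addr_list *m;
  if (na + nb == 0) return NULL;
  m = list_new(NULL, na + nb);
  if (na) memcpy(m->addrs, a->addrs, (size_t)na * sizeof *m->addrs);
  if (nb) memcpy(m->addrs + na, b->addrs, (size_t)nb * sizeof *m->addrs);
  return m;
}

/* Constructed sample data: placeholder tokens standing in for resolver answers. */
static const unsigned int SAMPLE_V4[] = { 0xC0000201u, 0xC0000202u };
static const unsigned int SAMPLE_V6[] = { 0x20010DB8u };

static struct addr_list *lookup(int want_v4, int want_v6) {
  /* Fix pattern: start both at NULL. Declared as "struct addr_list *al4, *al6;"
     the skipped one holds stack garbage that the merge then dereferences. */
  struct addr_list *al4 = NULL, *al6 = NULL, *merged;
  if (want_v4) al4 = list_new(SAMPLE_V4, 2);
  if (want_v6) al6 = list_new(SAMPLE_V6, 1);
  merged = merge_lists(al4, al6);
  list_free(al4); list_free(al6);
  return merged;
}

int main(void) {
  struct addr_list *r = lookup(1, 0);   /* the IPv4-only ("-4") case */
  printf("merged %d addresses\n", r ? r->count : 0);
  list_free(r); return 0;
}
```

Building with `-Wall -Wextra` (GCC's `-Wmaybe-uninitialized` generally needs optimization enabled) or running under Valgrind or MemorySanitizer helps surface this class of defect before it reaches a core dump.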