search

okbob / pspg

Unix pager (with very rich functionality) designed for work with tables. Designed for PostgreSQL, but MySQL is supported too. Works well with pgcli too. Can be used as CSV or TSV viewer too. It supports searching, selecting rows, columns, or block and export selected area to clipboard.
BSD 2-Clause "Simplified" License
2.43k stars 85 forks source link

Segfault on KOI8-RU file #233

Closed leahneukirchen closed 10 months ago

leahneukirchen commented 10 months ago

I was looking at random CSV files on my disk to test pspg, and noticed this file crashes it: russian.csv

Note this only works when:

I realize pspg only does UTF-8 input, but I think it should not crash.

The cause seems to be a column which has width -1.

(gdb) r
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /usr/bin/pspg /opt/texlive/2023/texmf-dist/doc/support/pedigree-perl/examples/russian.csv
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib64/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
0x0000555555561d8e in memcpy (__len=3, __src=0x55555558e0d4, __dest=0x5555555c6000) at /usr/include/bits/string_fortified.h:29
29    return __builtin___memcpy_chk (__dest, __src, __len,
(gdb) bt
#0  0x0000555555561d8e in memcpy (__len=3, __src=0x55555558e0d4, __dest=0x5555555c6000) at /usr/include/bits/string_fortified.h:29
#1  pb_write_repeat (size=3, str=0x55555558e0d4 "─", n=-43073, printbuf=0x7ffffffe7520) at src/pretty-csv.c:199
#2  pb_writes_repeat (str=0x55555558e0d4 "─", n=-1, printbuf=0x7ffffffe7520) at src/pretty-csv.c:208
#3  pb_print_vertical_header (printbuf=0x7ffffffe7520, pdesc=0x5555555616a0 <pb_write+112>, pos=<optimized out>, pconfig=<optimized out>) at src/pretty-csv.c:360
#4  0x00007ffffffeb890 in ?? ()
#5  0x0000000255560f25 in ?? ()
#6  0x000055555558e0e8 in ?? ()
#7  0x000055555558e0e4 in ?? ()
#8  0x0000000000000000 in ?? ()

Note how n is negative.

Breaking earlier, we see:

Breakpoint 1, pb_print_vertical_header (printbuf=printbuf@entry=0x7ffffffe7520, pdesc=pdesc@entry=0x7ffffffeb890, pos=pos@entry=116 't', pconfig=0x7ffffffd7058) at src/pretty-csv.c:277
277 in src/pretty-csv.c
(gdb) p pdesc->widths 
$2 = {3, 25, 10, -1, 12, 5, 2, 20, 20, 12, 0, 2, 2, 0, 2, 0 <repeats 1009 times>}
okbob commented 10 months ago

Hi

čt 19. 10. 2023 v 17:08 odesílatel Leah Neukirchen @.***> napsal:

I was looking at random CSV files on my disk to test pspg, and noticed this file crashes it: russian.csv https://github.com/okbob/pspg/files/13044290/russian.csv

Note this only works when:

  • the filename ends with .csv (piping into it is fine)

I realize pspg only does UTF-8 input, but I think it should not crash.

pspg uses env variable LANG for encoding specification. It should support 8bit encodings, but the LANG variable should be correct.

The cause seems to be a column which has width -1.

(gdb) r The program being debugged has been started already. Start it from the beginning? (y or n) y Starting program: /usr/bin/pspg /opt/texlive/2023/texmf-dist/doc/support/pedigree-perl/examples/russian.csv [Thread debugging using libthread_db enabled] Using host libthread_db library "/usr/lib64/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault. 0x0000555555561d8e in memcpy (len=3, src=0x55555558e0d4, dest=0x5555555c6000) at /usr/include/bits/string_fortified.h:29 29 return _builtinmemcpy_chk (dest, src, __len, (gdb) bt

0 0x0000555555561d8e in memcpy (len=3, src=0x55555558e0d4, __dest=0x5555555c6000) at /usr/include/bits/string_fortified.h:29

1 pb_write_repeat (size=3, str=0x55555558e0d4 "─", n=-43073, printbuf=0x7ffffffe7520) at src/pretty-csv.c:199

2 pb_writes_repeat (str=0x55555558e0d4 "─", n=-1, printbuf=0x7ffffffe7520) at src/pretty-csv.c:208

3 pb_print_vertical_header (printbuf=0x7ffffffe7520, pdesc=0x5555555616a0 <pb_write+112>, pos=, pconfig=) at src/pretty-csv.c:360

4 0x00007ffffffeb890 in ?? ()

5 0x0000000255560f25 in ?? ()

6 0x000055555558e0e8 in ?? ()

7 0x000055555558e0e4 in ?? ()

8 0x0000000000000000 in ?? ()

Note how n is negative.

Breaking earlier, we see:

Breakpoint 1, pb_print_vertical_header @.=0x7ffffffe7520, @.=0x7ffffffeb890, @.***=116 't', pconfig=0x7ffffffd7058) at src/pretty-csv.c:277 277 in src/pretty-csv.c (gdb) p pdesc->widths $2 = {3, 25, 10, -1, 12, 5, 2, 20, 20, 12, 0, 2, 2, 0, 2, 0 <repeats 1009 times>}

I did new check there 462ae77813dcb809f7258fe2b817427e678eee06

Reply to this email directly, view it on GitHub https://github.com/okbob/pspg/issues/233, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAEFO42SQGDY3FAEWW6QKCLYAE66DAVCNFSM6AAAAAA6HL6JOOVHI2DSMVQWIX3LMV43ASLTON2WKOZRHE2TENBZGM4DONI . You are receiving this because you are subscribed to this thread.Message ID: @.***>

leahneukirchen commented 10 months ago

Still crashes on HEAD for me... the problem is that linebuf->widths is unsigned size_t:

(gdb) p linebuf->widths 
$3 = {3, 25, 10, 18446744073709551615, 12, 5, 2, 20, 20, 12, 0, 2, 2, 0, 2, 0 <repeats 1009 times>}
okbob commented 10 months ago

please try d693bb4cd44a5c8a45f28d825f75bc3d65f9f5bc

leahneukirchen commented 10 months ago

That works, thanks.