[GRASS-dev] [GRASS GIS] #970: r.report seg faults on small page width values

#970: r.report seg faults on small page width values
------------------------------------------------------+---------------------
Reporter: epatton | Owner: grass-dev@lists.osgeo.org
     Type: defect | Status: new
Priority: minor | Milestone: 6.5.0
Component: Raster | Version: svn-develbranch6
Keywords: r.report, page width, segmentation fault | Platform: Linux
      Cpu: x86-64 |
------------------------------------------------------+---------------------
r.report seg faults when passed small values of page width values. From
the NC test dataset, the elevation raster creates the seg fault on 23
characters, and an infinite loop with 24 characters:

{{{
r.report -h map=elevation pw=23
  100%
+---------------------+
|Category Information |
| #|description |
|---------------------|
|104.966573-105.361675|from to �
'@�?@�h0�h��h`�h@�h�����'
�Y

c4@/�~F�'@4@���V
       Al
         A@k#A�K#A�?����
�Segmentation fault
}}}

gdb backtrace:

{{{
gdb -q r.report
Reading symbols from /usr/local/grass-6.5.svn/bin/r.report...done.
(gdb) run map=elevation pw=23
# lots of binary gibberish printed, then:
Program received signal SIGSEGV, Segmentation fault.
print_label (s=0x629000 <Address 0x629000 out of bounds>, len=<value
optimized out>, pflag=1, spacing=0, dot=<value optimized out>) at
label.c:46
46 putchar(*s);
(gdb)
}}}

~ Eric.

--
Ticket URL: <http://trac.osgeo.org/grass/ticket/970&gt;
GRASS GIS <http://grass.osgeo.org>

#970: r.report seg faults on small page width values
----------------------+-----------------------------------------------------
  Reporter: epatton | Owner: grass-dev@lists.osgeo.org
      Type: defect | Status: new
  Priority: minor | Milestone: 6.5.0
Component: Raster | Version: svn-develbranch6
Resolution: | Keywords: r.report, page width, segmentation fault
  Platform: Linux | Cpu: x86-64
----------------------+-----------------------------------------------------
Comment (by epatton):

Sorry, I forget the actual backtrace. Up late watching Olympics closing
ceremonies.

(gdb) bt full
#0 print_label (s=0x629000 <Address 0x629000 out of bounds>, len=<value
optimized out>, pflag=1, spacing=0, dot=<value optimized out>) at
label.c:46
         x = 0x607100 " \205\272\367\377\177"
         n = <value optimized out>
         i = 0
#1 0x0000000000404f81 in print_report (unit1=<value optimized out>,
unit2=-1) at prt_report.c:221
         NS = 0
         ns = 0
         nl = 0
         nx = <value optimized out>
         num = "104.966573-105.361675", '\000' <repeats 11 times>,
"@q`\000\000\000\000\000\220\001\271\367\377\177\000\000\001\000\000\000\000\000\000\000`v`",
'\000' <repeats 13 times>"\325,
\065\337\367\377\177\000\000@\334\335\367\377\177\000\000@\334\335\367\377\177\000\000\003\352\274",
<incomplete sequence \367>
         len = <value optimized out>
         new = 1
         cats = <value optimized out>
         prev = 0x7fffffffdae0
         first = 1
         i = <value optimized out>
         divider_level = <value optimized out>
         after_header = <value optimized out>
         cp = 0x607240 "from to "
         spacing = <value optimized out>
#2 0x000000000040534c in report () at report.c:11
         unit1 = <value optimized out>
         unit2 = <value optimized out>
#3 0x0000000000403573 in main (argc=3, argv=0x7fffffffdae8) at main.c:73
         module = <value optimized out>
(gdb)

--
Ticket URL: <http://trac.osgeo.org/grass/ticket/970#comment:1&gt;
GRASS GIS <http://grass.osgeo.org>

#970: r.report seg faults on small page width values
----------------------+-----------------------------------------------------
  Reporter: epatton | Owner: grass-dev@lists.osgeo.org
      Type: defect | Status: new
  Priority: minor | Milestone: 6.4.0
Component: Raster | Version: svn-develbranch6
Resolution: | Keywords: r.report, page width, segmentation fault
  Platform: Linux | Cpu: x86-64
----------------------+-----------------------------------------------------
Changes (by neteler):

  * milestone: 6.5.0 => 6.4.0

Comment:

Confirmed in G6.4-7.

It only crashes with FP maps. It happens in label.c" line 44, i.e.
source:grass/trunk/raster/r.report/label.c@41232#L44 (while...). "@" is
never found in "from ... to" so it rounds out of bound.

Markus

--
Ticket URL: <http://trac.osgeo.org/grass/ticket/970#comment:2&gt;
GRASS GIS <http://grass.osgeo.org>

#970: r.report seg faults on small page width values
------------------------------------------------------+---------------------
Reporter: epatton | Owner: grass-dev@…
     Type: defect | Status: new
Priority: minor | Milestone: 6.4.4
Component: Raster | Version: svn-develbranch6
Keywords: r.report, page width, segmentation fault | Platform: Linux
      Cpu: x86-64 |
------------------------------------------------------+---------------------
Changes (by neteler):

  * milestone: 6.4.0 => 6.4.4

Old description:

r.report seg faults when passed small values of page width values. From
the NC test dataset, the elevation raster creates the seg fault on 23
characters, and an infinite loop with 24 characters:

{{{
r.report -h map=elevation pw=23
100%
+---------------------+
|Category Information |
| #|description |
|---------------------|
|104.966573-105.361675|from to �
'@�?@�h0�h��h`�h@�h�����'
�Y

c4@/�~F�'@4@���V
      Al
        A@k#A�K#A�?����
�Segmentation fault
}}}

gdb backtrace:

{{{
gdb -q r.report
Reading symbols from /usr/local/grass-6.5.svn/bin/r.report...done.
(gdb) run map=elevation pw=23
# lots of binary gibberish printed, then:
Program received signal SIGSEGV, Segmentation fault.
print_label (s=0x629000 <Address 0x629000 out of bounds>, len=<value
optimized out>, pflag=1, spacing=0, dot=<value optimized out>) at
label.c:46
46 putchar(*s);
(gdb)
}}}

~ Eric.

New description:

r.report seg faults when passed small values of page width values. From
the NC test dataset, the elevation raster creates the seg fault on 23
characters, and an infinite loop with 24 characters:

{{{
r.report -h map=elevation pw=23
  100%
+---------------------+
|Category Information |
| #|description |
|---------------------|
|104.966573-105.361675|from to �
'@�?@�h0�h��h`�h@�h�����'�Yc4@/�~F�'@4@���V
       Al
         A@k#A�K#A�?�����Segmentation fault
}}}

gdb backtrace:

{{{
gdb -q r.report
Reading symbols from /usr/local/grass-6.5.svn/bin/r.report...done.
(gdb) run map=elevation pw=23
# lots of binary gibberish printed, then:
Program received signal SIGSEGV, Segmentation fault.
print_label (s=0x629000 <Address 0x629000 out of bounds>, len=<value
optimized out>, pflag=1, spacing=0, dot=<value optimized out>) at
label.c:46
46 putchar(*s);
(gdb)
}}}

~ Eric.

--

Comment:

Still segfaulting:

{{{
GRASS 6.4.3svn (nc_spm_08):~ > r.report -h map=elevation pw=23
  100%
+---------------------+
|Category Information |
| #|description |
|---------------------|
|103.781266-104.176368|from to ��������c�?�?�?�?�?p�
A�
Segmentation fault (core dumped)
}}}

also in GRASS 7.svn:
{{{
GRASS 7.0.svn (nc_spm_08):~ > r.report -h map=elevation pw=23
  100%
+---------------------+
|Category Information |
| #|description |
|---------------------|
|103.781266-104.176368|from to ��������c�?�?�?�?�?p�
A�
A0�#A�z#A�?�:�:G�����:n@� �:@�:`�:Segmentation fault (core dumped)
}}}

--
Ticket URL: <http://trac.osgeo.org/grass/ticket/970#comment:3&gt;
GRASS GIS <http://grass.osgeo.org>

#970: r.report seg faults on small page width values
------------------------------------------------------+---------------------
Reporter: epatton | Owner: grass-dev@…
     Type: defect | Status: new
Priority: minor | Milestone: 6.4.4
Component: Raster | Version: svn-develbranch6
Keywords: r.report, page width, segmentation fault | Platform: Linux
      Cpu: x86-64 |
------------------------------------------------------+---------------------

Comment(by mmetz):

Fixed in trunk r52817 such that there is no longer a segfault but a
warning that the page width is too small. Ideally the output would be
formatted such that it fits into the page width, but then this may not
always be possible or lead to unreadable output for a small page width.

Markus M

--
Ticket URL: <http://trac.osgeo.org/grass/ticket/970#comment:4&gt;
GRASS GIS <http://grass.osgeo.org>