MantisBT - NetSurf |
View Issue Details |
|
ID | Project | Category | View Status | Date Submitted | Last Update |
0002553 | NetSurf | [All Projects] General | public | 2017-08-06 05:38 | 2017-10-16 23:33 |
|
Reporter | Alastair Hughes | |
---|
Assigned To | Vincent Sanders | |
---|
Priority | normal | Severity | crash | Reproducibility | always |
---|
Status | closed | Resolution | open | |
---|
Platform | x86_64 | OS | Linux | OS Version | Arch |
---|
Product Version | 3.6 | |
---|
Target Version | | Fixed in Version | 3.7 | |
---|
Summary | 0002553: Unchecked *alloc() causes segfault in low-memory situations |
---|
Description | Unchecked *alloc() calls can cause segmentation faults in low-memory situations, such as on computers with very limited memory (e.g. 32 MB) or when artificially restricting the amount of memory available. This is mainly a problem with the framebuffer frontend since a segmentation fault seems to leave the framebuffer in an unusable state.
This is present in (at least) the git version of netsurf and libnsfb; it looks like a larger audit would be necessary to find all the places where this occurs, however grepping for "alloc(" seems to find most of the locations to check.
Actually handling the failures seems to be a different story entirely, but avoiding crashing would be a nice start as it would at least allow the user to quit the program or (if there is sufficient memory) navigate to a different website. |
---|
Steps To Reproduce | ulimit -v 17000; netsurf
If this does not fail, try to travel to a website
(The ulimit -v value may need adjusting; glib aborts when *alloc() and similar fail, so testing should probably be with the framebuffer frontend). |
---|
Additional Information | I'm happy to go through and try to add some basic error-checking to the various *alloc() calls. For libnsfb error handling seems largely straightforward (functions returning false to indicate that they failed, right?) but whether or not the error is printed to stderr seems to vary between the various backends - is there some kind of policy here? |
---|
Tags | No tags attached. |
---|
Relationships | |
Attached Files | 0001-Always-check-return-value-for-alloc.patch (4,639) 2017-08-06 10:00 https://bugs.netsurf-browser.org/mantis/file_download.php?file_id=508&type=bug |
---|
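Added example, not part of the original report and not NetSurf or libnsfb code: a checked two-step allocation that returns false on failure, the convention the reporter describes, exercised through a fault-injecting allocator so the failure paths can be tested without `ulimit -v`. All names (`fi_calloc`, `fi_free`, `surface_create`, `struct surface`) are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical names throughout; not NetSurf or libnsfb code. */
static int alloc_budget = -1; /* allocations allowed before failing; -1 = unlimited */
static int live_allocs = 0;   /* outstanding allocations, to detect leaks */

/* Fault-injecting calloc(): stands in for NULL returns under `ulimit -v`. */
void *fi_calloc(size_t n, size_t size)
{
    void *p;
    if (alloc_budget == 0)
        return NULL;
    if (alloc_budget > 0)
        alloc_budget--;
    p = calloc(n, size);
    if (p != NULL)
        live_allocs++;
    return p;
}

void fi_free(void *p)
{
    live_allocs -= (p != NULL);
    free(p);
}

struct surface { int width, height; uint32_t *pixels; };

/* Returns false on failure; *out is written only on success. */
bool surface_create(struct surface **out, int width, int height)
{
    struct surface *s;
    if (out == NULL || width <= 0 || height <= 0)
        return false;
    s = fi_calloc(1, sizeof(*s));
    if (s == NULL)
        return false;
    s->pixels = fi_calloc((size_t)width * (size_t)height, sizeof(*s->pixels));
    if (s->pixels == NULL) {
        fi_free(s); /* unwind the partial allocation instead of leaking it */
        return false;
    }
    s->width = width;
    s->height = height;
    *out = s;
    return true;
}
```

Setting `alloc_budget` to 0, 1, 2, ... in turn walks every allocation site in a call path, which catches both unchecked returns and leaks on the unwind path.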