MantisBT - NetSurf
View Issue Details
ID: 0002553
Project: NetSurf
Category: [All Projects] General
View Status: public
Date Submitted: 2017-08-06 05:38
Last Update: 2017-10-16 23:33
Reporter: Alastair Hughes
Assigned To: Vincent Sanders
Priority: normal
Severity: crash
Reproducibility: always
Status: closed
Resolution: open
Platform: x86_64
OS: Linux
OS Version: Arch
Product Version: 3.6
Target Version: (none)
Fixed in Version: 3.7
Fixed in CI build #: (none)
Reported in CI build #: (none)
URL of problem page: (none)
Summary: 0002553: Unchecked *alloc() causes segfault in low-memory situations
Description: Unchecked *alloc() calls can cause segmentation faults in low-memory situations, such as on computers with very limited memory (e.g. 32 MB) or when artificially restricting the amount of memory available. This is mainly a problem with the framebuffer frontend since a segmentation fault seems to leave the framebuffer in an unusable state.

This is present in (at least) the git version of netsurf and libnsfb; it looks like a larger audit would be necessary to find all the places where this occurs, however grepping for "alloc(" seems to find most of the locations to check.

Actually handling the failures seems to be a different story entirely, but avoiding crashing would be a nice start as it would at least allow the user to quit the program or (if there is sufficient memory) navigate to a different website.
Steps To Reproduce:
    ulimit -v 17000; netsurf

If this does not fail, try to travel to a website

(The ulimit -v value may need adjusting; glib aborts when *alloc() and similar fails, so testing should probably be with the framebuffer frontend).
Additional Information: I'm happy to go through and try to add some basic error-checking to the various *alloc() calls. For libnsfb error handling seems largely straightforward (functions returning false to indicate that they failed, right?) but whether or not the error is printed to stderr seems to vary between the various backends - is there some kind of policy here?
Tags: No tags attached.
Attached Files: 0001-Always-check-return-value-for-alloc.patch (4,639) 2017-08-06 10:00
https://bugs.netsurf-browser.org/mantis/file_download.php?file_id=508&type=bug
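The failure mode the report describes, and the kind of check it asks for, as an added example that is not code from NetSurf, libnsfb or the attached patch. The fb_surface type, the allocator hook, and every function name here are invented for this example; the bool-return style is the one the reporter describes for libnsfb, not a confirmed project policy. The main() reproduces the report's "ulimit -v 17000" from inside the process with setrlimit(RLIMIT_AS) and then asks for a surface that cannot fit under that cap.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/resource.h>

/* Hypothetical surface type, invented for this example (not libnsfb's). */
typedef struct {
    int width, height;
    int bpp;          /* bits per pixel, a multiple of 8 */
    uint8_t *buffer;  /* width * height * (bpp / 8) bytes, or NULL */
} fb_surface;

/* Allocator hook so a caller or a test can force ENOMEM deterministically
 * instead of depending on ulimit. Defaults to the real calloc(). */
static void *(*fb_calloc)(size_t, size_t) = calloc;

void fb_set_allocator(void *(*fn)(size_t, size_t)) { fb_calloc = fn ? fn : calloc; }

/* Stand-in allocator that always fails, simulating a low-memory system. */
void *fb_failing_calloc(size_t n, size_t sz) { (void)n; (void)sz; return NULL; }

/* Compute the buffer size, rejecting bad geometry and size_t overflow. */
static bool fb_buffer_size(int w, int h, int bpp, size_t *out)
{
    size_t bytes_pp, stride;
    if (w <= 0 || h <= 0 || bpp <= 0 || bpp % 8 != 0)
        return false;
    bytes_pp = (size_t)bpp / 8;
    if ((size_t)w > SIZE_MAX / bytes_pp)
        return false;
    stride = (size_t)w * bytes_pp;
    if ((size_t)h > SIZE_MAX / stride)
        return false;
    *out = stride * (size_t)h;
    return true;
}

/* BEFORE: the pattern the report describes. The allocation result is used
 * without a NULL check, so when it fails memset() writes through NULL and
 * the process dies with SIGSEGV. Kept only for contrast; never call it
 * with a failing allocator. */
void fb_init_unchecked(fb_surface *fb, int w, int h, int bpp)
{
    size_t len = (size_t)w * (size_t)h * ((size_t)bpp / 8);
    fb->width = w; fb->height = h; fb->bpp = bpp;
    fb->buffer = fb_calloc(len, 1);
    memset(fb->buffer, 0xff, len);   /* NULL dereference on failure */
}

/* AFTER: check the allocation, report it on stderr, leave the surface in a
 * defined empty state and return false so the caller can back out. */
bool fb_init_checked(fb_surface *fb, int w, int h, int bpp)
{
    size_t len;
    fb->width = fb->height = fb->bpp = 0;
    fb->buffer = NULL;
    if (!fb_buffer_size(w, h, bpp, &len)) {
        fprintf(stderr, "fb_init: bad geometry %dx%d@%d\n", w, h, bpp);
        return false;
    }
    fb->buffer = fb_calloc(len, 1);
    if (fb->buffer == NULL) {
        fprintf(stderr, "fb_init: cannot allocate %zu bytes for %dx%d@%d\n",
                len, w, h, bpp);
        return false;
    }
    memset(fb->buffer, 0xff, len);   /* white background */
    fb->width = w; fb->height = h; fb->bpp = bpp;
    return true;
}

void fb_free(fb_surface *fb)
{
    free(fb->buffer);
    fb->buffer = NULL;
    fb->width = fb->height = fb->bpp = 0;
}

/* Reproduce "ulimit -v" from inside the process by capping the soft
 * RLIMIT_AS (address space) at the given number of bytes. */
bool fb_limit_address_space(unsigned long long bytes)
{
    struct rlimit rl;
    if (getrlimit(RLIMIT_AS, &rl) != 0)
        return false;
    rl.rlim_cur = (rlim_t)bytes;
    if (rl.rlim_max != RLIM_INFINITY && rl.rlim_cur > rl.rlim_max)
        rl.rlim_cur = rl.rlim_max;
    return setrlimit(RLIMIT_AS, &rl) == 0;
}

int main(void)
{
    fb_surface fb;
    /* Same cap as the report's "ulimit -v 17000" (the shell value is in KiB). */
    if (!fb_limit_address_space(17000ULL * 1024))
        perror("setrlimit");
    /* 4096x4096 at 32 bpp needs 64 MiB, which cannot fit under that cap. */
    if (fb_init_checked(&fb, 4096, 4096, 32)) {
        puts("surface allocated (limit not enforced here)");
        fb_free(&fb);
    } else {
        puts("allocation failed: surface left empty, no crash");
    }
    return 0;
}
```

Build with `cc -Wall -o fb_demo fb_demo.c` and run it; the checked path prints the failure and exits cleanly where the unchecked path would fault. As the report notes, glib-based frontends abort on a failed allocation before any check runs, so this kind of check only helps code that calls the libc allocators directly, as the framebuffer frontend and libnsfb do.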

Notes
(0001577) Alastair Hughes, 2017-08-06 10:00
I've attached a patch that should fix most of the segfaults that I was encountering in libnsfb; the indentation seems quite odd in the source so I've pretty much just left it using spaces. It hopefully illustrates the problem and the basic fixes.

There is a comment in the vnc backend suggesting that the library used doesn't check the return value from *alloc, so I've left it as is. The wld backend uses calloc to create new events - running out of memory in that case would be quite messy and probably needs a bit more attention than I've given it here.
(0001643) Vincent Sanders, 2017-10-16 23:33
Thank you for your report, this has been resolved in the 3.7 release

Issue History
2017-08-06 05:38  Alastair Hughes  New Issue
2017-08-06 10:00  Alastair Hughes  File Added: 0001-Always-check-return-value-for-alloc.patch
2017-08-06 10:00  Alastair Hughes  Note Added: 0001577
2017-09-09 17:46  Vincent Sanders  Status: new => acknowledged
2017-10-15 13:46  Vincent Sanders  Assigned To: => Vincent Sanders
2017-10-15 13:46  Vincent Sanders  Status: acknowledged => resolved
2017-10-15 13:46  Vincent Sanders  Fixed in Version: => 3.7
2017-10-16 23:33  Vincent Sanders  Status: resolved => closed
2017-10-16 23:33  Vincent Sanders  Note Added: 0001643