View Issue Details

| Field | Value |
|---|---|
| ID | 0002553 |
| Project | NetSurf |
| Category | [All Projects] General |
| View Status | public |
| Date Submitted | 2017-08-06 05:38 |
| Last Update | 2017-10-16 23:33 |
| Reporter | Alastair Hughes |
| Assigned To | Vincent Sanders |
| Severity | crash |
| Reproducibility | always |
| Status | closed |
| Resolution | open |
| Platform | x86_64 |
| OS | Linux |
| OS Version | Arch |
| Product Version | 3.6 |
| Fixed in Version | 3.7 |
| Summary | 0002553: Unchecked *alloc() causes segfault in low-memory situations |

Description

Unchecked *alloc() calls can cause segmentation faults in low-memory situations, such as on computers with very limited memory (e.g. 32MB) or when artificially restricting the amount of memory available. This is mainly a problem with the framebuffer frontend, since a segmentation fault seems to leave the framebuffer in an unusable state. This is present in (at least) the git version of netsurf and libnsfb; it looks like a larger audit would be necessary to find all the places where this occurs, however grepping for "alloc(" seems to find most of the locations to check. Actually handling the failures seems to be a different story entirely, but avoiding crashing would be a nice start, as it would at least allow the user to quit the program or (if there is sufficient memory) navigate to a different website.

Steps To Reproduce

    ulimit -v 17000; netsurf

If this does not fail, try to travel to a website. (The ulimit -v value may need adjusting; glib aborts when *alloc() and similar fails, so testing should probably be with the framebuffer frontend.)

Additional Information

I'm happy to go through and try to add some basic error-checking to the various *alloc() calls. For libnsfb, error handling seems largely straightforward (functions returning false to indicate that they failed, right?), but whether or not the error is printed to stderr seems to vary between the various backends. Is there some kind of policy here?

Tags: No tags attached.
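The unchecked pattern the report describes, next to a checked version in the return-false style the reporter mentions for libnsfb, as an added example that is not NetSurf or libnsfb code. The names (fb_surface, fb_calloc, fb_surface_init, fb_surface_fini) are constructed for the example, and the calloc() failure injector stands in for the ulimit -v test so that the failure path can be hit deterministically.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>

struct fb_surface {
    int width, height;
    uint32_t *pixels;  /* width * height pixels */
    uint8_t *dirty;    /* one flag per row */
};
/* Failure injector (constructed for this example, standing in for ulimit -v):
 * the Nth calloc() call returns NULL; none fail while fail_on_call == 0. */
static int fail_on_call = 0, call_count = 0;
static void *fb_calloc(size_t n, size_t sz)
{
    if (fail_on_call != 0 && ++call_count == fail_on_call)
        return NULL;
    return calloc(n, sz);
}
/* The pattern from the report: the result of *alloc() is used unchecked,
 * so a NULL from calloc() is dereferenced and the process segfaults. */
static void fb_surface_init_unchecked(struct fb_surface *s, int w, int h)
{
    s->pixels = fb_calloc((size_t)w * (size_t)h, sizeof *s->pixels);
    s->pixels[0] = 0xffffffffu;  /* NULL dereference when calloc() failed */
}
static void fb_surface_fini(struct fb_surface *s)
{
    free(s->pixels);  /* free(NULL) is a no-op, so partial state is fine */
    free(s->dirty);
    *s = (struct fb_surface){0};
}
/* Checked form in the return-false style the reporter describes for libnsfb:
 * test every allocation, undo partial work, and tell the caller. */
static bool fb_surface_init(struct fb_surface *s, int w, int h)
{
    *s = (struct fb_surface){0};
    if (w <= 0 || h <= 0 || (size_t)w > SIZE_MAX / sizeof *s->pixels / (size_t)h)
        return false;  /* also refuse a byte count that would overflow */
    s->pixels = fb_calloc((size_t)w * (size_t)h, sizeof *s->pixels);
    if (s->pixels != NULL)
        s->dirty = fb_calloc((size_t)h, sizeof *s->dirty);
    if (s->pixels == NULL || s->dirty == NULL) {
        fb_surface_fini(s);  /* releases pixels if only dirty failed */
        return false;
    }
    s->width = w; s->height = h;
    s->pixels[0] = 0xffffffffu;  /* safe: both allocations succeeded */
    return true;
}
```

Setting fail_on_call to 1 or 2 before calling fb_surface_init exercises the first- and second-allocation failure paths; the checked version returns false with the struct cleared in both cases, where the unchecked one would fault.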
Notes

Alastair Hughes (reporter) 2017-08-06 10:00

I've attached a patch that should fix most of the segfaults that I was encountering in libnsfb; the indentation seems quite odd in the source, so I've pretty much just left it using spaces. It hopefully illustrates the problem and the basic fixes. There is a comment in the vnc backend suggesting that the library used doesn't check the return value from *alloc, so I've left it as is. The wld backend uses calloc to create new events; running out of memory in that case would be quite messy and probably needs a bit more attention than I've given it here.

Vincent Sanders (administrator) 2017-10-16 23:33

Thank you for your report; this has been resolved in the 3.7 release.
Issue History

| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2017-08-06 05:38 | Alastair Hughes | New Issue | |
| 2017-08-06 10:00 | Alastair Hughes | File Added: 0001-Always-check-return-value-for-alloc.patch | |
| 2017-08-06 10:00 | Alastair Hughes | Note Added: 0001577 | |
| 2017-09-09 17:46 | Vincent Sanders | Status | new => acknowledged |
| 2017-10-15 13:46 | Vincent Sanders | Assigned To | => Vincent Sanders |
| 2017-10-15 13:46 | Vincent Sanders | Status | acknowledged => resolved |
| 2017-10-15 13:46 | Vincent Sanders | Fixed in Version | => 3.7 |
| 2017-10-16 23:33 | Vincent Sanders | Status | resolved => closed |
| 2017-10-16 23:33 | Vincent Sanders | Note Added: 0001643 | |