From xemacs-m  Thu Sep 25 12:10:02 1997
Received: from bittersweet.inetarena.com (karlheg@bittersweet.inetarena.com [206.129.216.38])
	by xemacs.org (8.8.5/8.8.5) with ESMTP id MAA20312
	for <xemacs-beta@xemacs.org>; Thu, 25 Sep 1997 12:10:00 -0500 (CDT)
Received: (from karlheg@localhost)
	by bittersweet.inetarena.com (8.8.7/8.8.7/Debian/GNU) id KAA22309;
	Thu, 25 Sep 1997 10:10:33 -0700
To: XEmacs Beta <xemacs-beta@xemacs.org>
Subject: Re: Fatal serious (security) flaw in XEmacs 19.16/20.3
References: <m2zpp22ae9.fsf@altair.xemacs.org>
X-Face: /Q}=yl}1_v7nP)xXo5XjG8+tl@=uVu7o5u6)f]zN?+<hB!K.m9:[|*p34jVN`O;:XZXVSy>/\R>qDt(t8w!-i{(y0"`jFw^uk8inzO9wXabd'CdjUWfC\GHi:6nO*YC89#-qD>Q4r%9!V"<RYJ=7D#$";q=zML5'!=wvXk^$`6FT=5CMofQX)WUKt0p:OKl.mFOXx/D
Mime-Version: 1.0 (generated by tm-edit 7.108)
Content-Type: text/plain; charset=US-ASCII
From: karlheg@inetarena.com (Karl M. Hegbloom)
Date: 25 Sep 1997 10:10:32 -0700
In-Reply-To: SL Baur's message of "24 Sep 1997 23:08:30 -0700"
Message-ID: <87bu1hmi9j.fsf@bittersweet.inetarena.com>
Lines: 46
X-Mailer: Quassia Gnus v0.9/XEmacs 20.3(beta23) - "Sarajevo"

 I ran: `xemacs -nw -q -no-site-file' in an xterm, and pasted the
 example into the *scratch* buffer, then ran it with C-j, and got a
 segmentation fault.  I tried several times, and it does it every
 time.  The `-nw', of course, has no effect.  Here's a backtrace; it
 doesn't look very helpful.


Lisp backtrace follows:

  princ(Segmentation fault (core dumped)
[status 139]


Script started on Thu Sep 25 10:06:47 1997
]0;karlheg@bittersweet:~
501$ gdb xemacs core
GDB is free software and you are welcome to distribute copies of it
 under certain conditions; type "show copying" to see the conditions.
There is absolutely no warranty for GDB; type "show warranty" for details.
GDB 4.16.patched (i586-debian-linux), 
Copyright 1996 Free Software Foundation, Inc...
Core was generated by `xemacs -nw -q -no-site-file'.
Program terminated with signal 11, Segmentation fault.
find_solib: Can't read pathname for load map: Input/output error

#0  0x80cbcc6 in print_internal (obj={s = {type_mark = 0, val = 0}, gu = {
        type = Lisp_Type_Int, markbit = 0, val = 0}, i = 0, v = 0x0, 
      cv = 0x0}, printcharfun={s = {type_mark = 0, val = 0}, gu = {
        type = Lisp_Type_Int, markbit = 0, val = 0}, i = 0, v = 0x0, 
      cv = 0x0}, escapeflag=0) at print.c:1140
1140		if (lheader->implementation->printer)
(gdb) where
#0  0x80cbcc6 in print_internal (obj={s = {type_mark = 0, val = 0}, gu = {
        type = Lisp_Type_Int, markbit = 0, val = 0}, i = 0, v = 0x0, 
      cv = 0x0}, printcharfun={s = {type_mark = 0, val = 0}, gu = {
        type = Lisp_Type_Int, markbit = 0, val = 0}, i = 0, v = 0x0, 
      cv = 0x0}, escapeflag=0) at print.c:1140
#1  0xbfffe104 in ?? ()
#2  0x40281af0 in ?? () from /lib/libc.so.6
#3  0x6a1d0000 in ?? ()
Cannot access memory at address 0x57130000.
(gdb) quit
]0;karlheg@bittersweet:~
502$ exit

Script done on Thu Sep 25 10:07:24 1997

