From xemacs-m  Fri Dec  6 12:47:09 1996
Received: from neal.ctd.comsat.com (exim@neal.ctd.comsat.com [134.133.40.21]) by xemacs.cs.uiuc.edu (8.8.3/8.8.3) with SMTP id MAA10987 for <xemacs-beta@xemacs.org>; Fri, 6 Dec 1996 12:47:08 -0600 (CST)
Received: from neal by neal.ctd.comsat.com with local (Exim 1.58 #2)
	id 0vW5Ik-0002LX-00; Fri, 6 Dec 1996 13:47:10 -0500
To: xemacs-beta@xemacs.org
Subject: [linux.dev.gcc] Re: libc.5.4.15-16 lead to coredump for emacs
Mime-Version: 1.0 (generated by tm-edit 7.95)
Content-Type: message/rfc822
From: Neal Becker <neal@ctd.comsat.com>
Date: 06 Dec 1996 13:47:09 -0500
Message-ID: <u9iv6fecia.fsf@neal.ctd.comsat.com>
Lines: 43
X-Mailer: Gnus v5.2.25/XEmacs 19.14

Newsgroups: linux.dev.gcc
From: Andreas Schwab <schwab@ls5.informatik.uni-dortmund.de>
Date: Fri, 6 Dec 96 10:59:22 +0100
Message-ID: <9612060959.AA11485@issan.informatik.uni-dortmund.de>
Subject: Re: libc.5.4.15-16 lead to coredump for emacs
References: <199612051016.LAA01495@jfh00.fernuni-hagen.de>


Fritz Heinrichmeyer <jfh@jfh00.fernuni-hagen.de> writes:

|> This is what happened with linux-2.1.14 and the mentioned libc's
|> (everything else works, with the new kernels there is also always an
|> exception raised on startup, it was the emacs from Red Hat btw.)

|> Reading symbols from /usr/X11R6/lib/libX11.so.6...
|> (no debugging symbols found)...done.
|> Reading symbols from /usr/lib/libncurses.so.3.0...
|> (no debugging symbols found)...done.
|> Reading symbols from /lib/libm.so.5.0.6...done.
|> Reading symbols from /lib/libc.so.5.4.16...done.
|> Reading symbols from /lib/ld-linux.so.1...done.
|> ---Type <return> to continue, or q <return> to quit---
|> #0  0x4021e489 in __libc_kill ()
|> (gdb) where
|> #0  0x4021e489 in __libc_kill ()
|> #1  0x807953b in XMapRaised ()
|> #2  0xbffff464 in ?? ()
|> #3  0x402317cd in getwd (buf=0x40005fd8 "@Û\004\bPB\034@hð#@l\237\016\b")
                     ^^^^^
|> #4  0x8079de4 in XMapRaised ()
|> #5  0x804db9b in XMapRaised ()
|> (gdb)


getwd() is the culprit.  Since PATH_MAX has changed (from 1024 to 4095) a
getwd compiled against linux 2.1 will now write beyond array bounds if the
program is compiled against linux 2.0 or earlier.  The only correct fix
is: NEVER USE getwd(), it is as evil as gets()!  Emacs should be changed.

-- 
Andreas Schwab                                      "And now for something
schwab@issan.informatik.uni-dortmund.de              completely different"
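
Added example (not part of the original message, and not Emacs or libc code): the bounded replacement for getwd() is POSIX getcwd(), which is told the caller's real buffer size, so a PATH_MAX mismatch between program and library yields ERANGE instead of an out-of-bounds write. The helper names cwd_into and cwd_alloc and the 1 MiB ceiling are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Hypothetical helper: bounded lookup. Unlike getwd(buf), the callee knows
 * how large the caller's buffer is, so a library built with a larger PATH_MAX
 * cannot write past it. Returns 0 on success, -1 with errno set (ERANGE when
 * the path plus its NUL terminator does not fit in `size` bytes). */
int cwd_into(char *buf, size_t size)
{
    return getcwd(buf, size) != NULL ? 0 : -1;
}

/* Hypothetical helper: no compile-time path limit at all. Starts with
 * `initial` bytes (64 if 0) and doubles on ERANGE. Caller frees the result. */
char *cwd_alloc(size_t initial)
{
    size_t size = initial ? initial : 64;
    char *buf = NULL;

    for (;;) {
        char *grown = realloc(buf, size);
        if (grown == NULL) {
            free(buf);
            return NULL;
        }
        buf = grown;
        if (getcwd(buf, size) != NULL)
            return buf;
        /* Stop on a real error, or at an assumed 1 MiB sanity ceiling. */
        if (errno != ERANGE || size > ((size_t)1 << 20)) {
            free(buf);
            return NULL;
        }
        size *= 2;
    }
}

int main(void)
{
    char *cwd = cwd_alloc(0);
    if (cwd == NULL) { perror("getcwd"); return 1; }
    puts(cwd);
    free(cwd);
    return 0;
}
```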

