GNU bug report logs - #60928
[PATCH] bugfix/make_hash_table: fix segfault when arg< 0 for make-hash-table


Package: guile;

Reported by: Blake Shaw <blake <at> reproduciblemedia.com>

Date: Wed, 18 Jan 2023 08:39:01 UTC

Severity: normal

Tags: patch

Done: lloda <lloda <at> sarc.name>

Bug is archived. No further changes may be made.



Report forwarded to bug-guile <at> gnu.org:
bug#60928; Package guile. (Wed, 18 Jan 2023 08:39:01 GMT)

Acknowledgement sent to Blake Shaw <blake <at> reproduciblemedia.com>:
New bug report received and forwarded. Copy sent to bug-guile <at> gnu.org. (Wed, 18 Jan 2023 08:39:02 GMT)

Message #5 received at submit <at> debbugs.gnu.org:

From: Blake Shaw <blake <at> reproduciblemedia.com>
To: bug-guile <at> gnu.org
Cc: Blake Shaw <blake <at> reproduciblemedia.com>
Subject: [PATCH] bugfix/make_hash_table: fix segfault when arg< 0 for
 make-hash-table
Date: Wed, 18 Jan 2023 14:10:22 +0700
* libguile/hashtab.c (make_hash_table): FIX SEGMENTATION FAULT
Currently on Guix if a user evokes (make-hash-table arg) where
arg < 0, guile segfaults.

This patch adds the most straightforward solution, checking
if the value passed to make-hash-table is less than 0, and if so,
throwing an error with scm_out_of_range to avoid segfaulting.

It builds and passes all tests in a guix shell using the
command:

$ guix shell automake autoconf make flex gnulib gettext libtool \
gperf gmp git libffi -D guile guix -C -- \
./autogen.sh && ./configure && make && make check

afterwards, using: ./meta/guile -q
=> scheme@(guile-user)> (make-hash-table -1)
   ice-9/boot-9.scm:1685:16: In procedure raise-exception:
   Value out of range 0 to< 18446744073709551615: -1

as desired...

I'm not familiar with the inner workings of libguile, but
figured I'd offer a fix regardless, so take this patch
with a grain of salt, it was a quicky...
---
 libguile/hashtab.c | 29 +++++++++++++++--------------
 1 file changed, 15 insertions(+), 14 deletions(-)

diff --git a/libguile/hashtab.c b/libguile/hashtab.c
index b4f004c1d..9cb5d7a47 100644
--- a/libguile/hashtab.c
+++ b/libguile/hashtab.c
@@ -84,23 +84,24 @@ make_hash_table (unsigned long k, const char *func_name)
   SCM vector;
   scm_t_hashtable *t;
   int i = 0, n = k ? k : 31;
-  while (i + 1 < HASHTABLE_SIZE_N && n > hashtable_size[i])
-    ++i;
-  n = hashtable_size[i];
-
-  vector = scm_c_make_vector (n, SCM_EOL);
-
-  t = scm_gc_malloc_pointerless (sizeof (*t), s_hashtable);
-  t->min_size_index = t->size_index = i;
-  t->n_items = 0;
-  t->lower = 0;
-  t->upper = 9 * n / 10;
+   if (k < i) {
+     scm_out_of_range (func_name, scm_from_ulong (k));
+  } else {
+     while (i + 1 < HASHTABLE_SIZE_N && n > hashtable_size[i])
+       ++i;
+     n = hashtable_size[i];
+     vector = scm_c_make_vector (n, SCM_EOL);
+     t = scm_gc_malloc_pointerless (sizeof (*t), s_hashtable);
+     t->min_size_index = t->size_index = i;
+     t->n_items = 0;
+     t->lower = 0;
+     t->upper = 9 * n / 10;
 
   /* FIXME: we just need two words of storage, not three */
-  return scm_double_cell (scm_tc7_hashtable, SCM_UNPACK (vector),
-                          (scm_t_bits)t, 0);
+     return scm_double_cell (scm_tc7_hashtable, SCM_UNPACK (vector),
+                             (scm_t_bits)t, 0);
+   }
 }
-
 void
 scm_i_rehash (SCM table,
 	      scm_t_hash_fn hash_fn,
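
Review bot: The new guard `if (k < i)` can never be true: `k` is declared `unsigned long` in the function signature and `i` is an `int` initialised to 0, so the comparison is carried out in unsigned arithmetic and is equivalent to `k < 0UL`. Any negative value has already been converted to a large positive one by the time it arrives in `k`, so the `scm_out_of_range` branch is dead code; the sign has to be tested where the value is still signed, before the conversion to `unsigned long`, or the size has to be validated against an upper bound here. The unchanged declaration `int i = 0, n = k ? k : 31;` is also worth a check, since a large `k` is narrowed to `int` before `n` is compared with `hashtable_size[i]`. On style: `scm_out_of_range` does not return, so an early check with no `else` would avoid re-indenting the whole body; as posted, the hunk mixes three- and five-space indentation, leaves the FIXME comment at the old depth inside the new block, and drops the blank line before `scm_i_rehash`.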
-- 
2.38.1





Information forwarded to bug-guile <at> gnu.org:
bug#60928; Package guile. (Wed, 18 Jan 2023 09:11:02 GMT)

Message #8 received at submit <at> debbugs.gnu.org:

From: lloda <lloda <at> sarc.name>
To: Blake Shaw <blake <at> reproduciblemedia.com>,
 "bug-guile <at> gnu.org" <bug-guile <at> gnu.org>
Cc: 60928 <at> debbugs.gnu.org
Subject: Re: bug#60928: [PATCH] bugfix/make_hash_table: fix segfault when arg<
 0 for make-hash-table
Date: Wed, 18 Jan 2023 10:10:07 +0100
It seems this is the same bug as https://bugs.gnu.org/60488 and https://bugs.gnu.org/58154, at least it doesn't segfault in main anymore.





Information forwarded to bug-guile <at> gnu.org:
bug#60928; Package guile. (Thu, 19 Jan 2023 08:22:01 GMT)

Message #14 received at submit <at> debbugs.gnu.org:

From: Blake Shaw <blake <at> reproduciblemedia.com>
To: lloda <lloda <at> sarc.name>
Cc: "bug-guile <at> gnu.org" <bug-guile <at> gnu.org>, 60928 <at> debbugs.gnu.org
Subject: Re: bug#60928: [PATCH] bugfix/make_hash_table: fix segfault when
 arg< 0 for make-hash-table
Date: Thu, 19 Jan 2023 09:41:29 +0700
lloda <lloda <at> sarc.name> writes:

> It seems this is the same bug as https://bugs.gnu.org/60488 and
> https://bugs.gnu.org/58154, at least it doesn't segfault in main
> anymore.

oh sorry about the false patch then, I had searched my local
repo for commits containing the word segfault and didn't find any
mention, it seems I had pulled just before it was applied.




Information forwarded to bug-guile <at> gnu.org:
bug#60928; Package guile. (Thu, 19 Jan 2023 08:22:04 GMT)

Information forwarded to bug-guile <at> gnu.org:
bug#60928; Package guile. (Thu, 19 Jan 2023 17:20:02 GMT)

Message #20 received at submit <at> debbugs.gnu.org:

From: lloda <lloda <at> sarc.name>
To: Blake Shaw <blake <at> reproduciblemedia.com>
Cc: "bug-guile <at> gnu.org" <bug-guile <at> gnu.org>, 60928-done <at> debbugs.gnu.org
Subject: Re: bug#60928: [PATCH] bugfix/make_hash_table: fix segfault when arg<
 0 for make-hash-table
Date: Thu, 19 Jan 2023 18:19:25 +0100
No worries, thanks for the report!

I note that there's already an old test for (make-hash-table -1) in hash.test. 

Regards

  Daniel






Reply sent to lloda <lloda <at> sarc.name>:
You have taken responsibility. (Thu, 19 Jan 2023 17:20:02 GMT)

Notification sent to Blake Shaw <blake <at> reproduciblemedia.com>:
bug acknowledged by developer. (Thu, 19 Jan 2023 17:20:02 GMT)

bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Fri, 17 Feb 2023 12:24:05 GMT)

This bug report was last modified 1 year and 68 days ago.
