[kde-freebsd] konqueror crashes on ACL properties

Fri Aug 28 19:20:52 CEST 2009

on 27/08/2009 20:04 Andriy Gapon said the following:
> [KCrash handler]
> #6  0x0000000803dad5e0 in acl_dup () from /lib/libc.so.7
> #7  0x0000000803d7cc87 in acl_to_text_np () from /lib/libc.so.7
> #8  0x0000000800a3d4af in KACL::asString () from /usr/local/lib/libkio.so.6
> #9  0x0000000800ab4f31 in KFilePermissionsPropsPlugin::KFilePermissionsPropsPlugin
> () from /usr/local/lib/libkio.so.6
> #10 0x0000000800ab73f0 in KPropertiesDialog::insertPages ()
>    from /usr/local/lib/libkio.so.6
> #11 0x0000000800ab751e in KPropertiesDialog::init ()
>    from /usr/local/lib/libkio.so.6
> ...


I think that I found a cause and it actually makes me wonder why I got this crash
only now.
So constructor of KFilePermissionsPropsPlugin (see
kio/kfile/kpropertiesdialog.cpp) has the following:
1573   d->extendedACL = item->ACL();
1574   d->defaultACL = item->defaultACL();
and these lines are executed unconditionally (regardless of any filesystem
properties or configuration settings).
extendedACL and defaultACL variables of KACL type and this is how KACL copy
constructor looks:
 99 KACL::KACL( const KACL& rhs )
100     : d( new KACLPrivate )
101 {
102     setACL( rhs.asString() );
103 }

asString method tries to convert m_acl member to string.
Initially m_acl is set to zero, so it's not a valid acl(3) handle.
Thus, when acl_to_text is called on zero acl_t variable a crash happens in libc.

The following small patch helped me:

--- kio/kio/kacl.cpp.orig       2006-01-19 19:06:10.000000000 +0200
+++ kio/kio/kacl.cpp    2009-08-28 20:10:02.171081167 +0300
@@ -606,7 +606,10 @@
 QString KACL::asString() const
 {
 #ifdef USE_POSIX_ACL
-    return aclAsString( d->m_acl );
+    if (d->m_acl)
+       return aclAsString( d->m_acl );
+    else
+       return QString::null;
 #else
     return QString::null;
 #endif

The idea is to return QString::null if d->m_acl is not initialized (zero).

-- 
Andriy Gapon
