[Kst] [Bug 142420] New: kst data wizard crashes with sigabrt on certain file names

Barth Netterfield netterfield at astro.utoronto.ca
Sat Mar 3 00:44:24 CET 2007


This is clearly a string overflow bug in the shipped but no longer maintained 
readdata/frame file data source. I can fix it, but for most people (e.g., 
everyone who isn't reading 1997 Boomerang data - i.e., everyone), an adequate 
fix would be to remove this data source.

On Friday 02 March 2007 4:19:16 pm Bastien Chevreux wrote:
> ------- You are receiving this mail because: -------
> You are the assignee for the bug, or are watching the assignee.
>
> http://bugs.kde.org/show_bug.cgi?id=142420
>            Summary: kst data wizard crashes with sigabrt on certain file
>                     names
>            Product: kst
>            Version: unspecified
>           Platform: SuSE RPMs
>         OS/Version: Linux
>             Status: UNCONFIRMED
>           Severity: crash
>           Priority: NOR
>          Component: general
>         AssignedTo: kst kde org
>         ReportedBy: bach chevreux org
>
>
> Version:            (using KDE KDE 3.5.5)
> Installed from:    SuSE RPMs
> OS:                Linux
>
> Hello there,
>
> this is a crash report for kst 1.3.1 installed from OpenSUSE 10.2 (64 bit)
>
> How to reproduce
> ----------------
> I have a directory with one file with data. The data file is named
> "bsp1_int_posmatch_rawhashhits_preassembly.0.lst".
>
> I start kst, choose data wizard, in data wizard open the file dialog,
> navigate to the directory with that file, choose the file and select open
> -> crash
>
> It's really just the filename, renaming the file to something like
> "bla.lst" makes the crash go away
>
>
> I had two types of error messages on my console.
> 1) Sometimes I had
> kst: posixio.c:396: px_get: Assertion `extent != 0' failed.
> KCrash: Application 'kst' crashing...
>
> 2) Most of the time I have
> *** buffer overflow detected ***: kst terminated
> ======= Backtrace: =========
> /lib64/libc.so.6(__chk_fail+0x2f)[0x2ae735e39d4f]
> /opt/kde3/lib64/kde3/kstdata_frame.so(CReadData+0xbf)[0x2aaaaad045ff]
> /opt/kde3/lib64/kde3/kstdata_frame.so(understands_frame+0x4a)[0x2aaaaad00dba]
> /opt/kde3/lib64/libkst.so.1[0x2ae733d8e6d1]
> /opt/kde3/lib64/libkst.so.1(_ZN13KstDataSource18fieldListForSourceERK7QStringS2_PS0_Pb+0x109)[0x2ae733d90849]
> /opt/kde3/lib64/libkstapp.so.1(_ZN10DataWizard13sourceChangedERK7QString+0xe9d)[0x2ae7338171ad]
> /opt/kde3/lib64/libkstapp.so.1(_ZN10DataWizard9qt_invokeEiP8QUObject+0x12d)[0x2ae73380c15d]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN7QObject15activate_signalEP15QConnectionListP8QUObject+0x14c)[0x2ae735370adc]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN7QObject15activate_signalEi7QString+0x156)[0x2ae7353713c6]
> /opt/kde3/lib64/libkio.so.4(_ZN13KURLRequester11textChangedERK7QString+0x25)[0x2ae7342c45c5]
> /opt/kde3/lib64/libkio.so.4(_ZN13KURLRequester7qt_emitEiP8QUObject+0x6f)[0x2ae7342c465f]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN7QObject15activate_signalEP15QConnectionListP8QUObject+0x18a)[0x2ae735370b1a]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN7QObject15activate_signalEi7QString+0x156)[0x2ae7353713c6]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN9QLineEdit11textChangedERK7QString+0x25)[0x2ae735661885]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN16QLineEditPrivate12finishChangeEib+0xd2)[0x2ae7354291f2]
> /opt/kde3/lib64/libkio.so.4(_ZN13KURLRequester7setKURLERK4KURL+0x15a)[0x2ae7342c482a]
> /opt/kde3/lib64/libkio.so.4(_ZN13KURLRequester14slotOpenDialogEv+0x262)[0x2ae7342f31f2]
> /opt/kde3/lib64/libkio.so.4(_ZN13KURLRequester9qt_invokeEiP8QUObject+0x8d)[0x2ae7342f351d]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN7QObject15activate_signalEP15QConnectionListP8QUObject+0x14c)[0x2ae735370adc]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN7QObject15activate_signalEi+0xa3)[0x2ae7353717b3]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN7QWidget5eventEP6QEvent+0x3c7)[0x2ae7353a37b7]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN12QApplication14internalNotifyEP7QObjectP6QEvent+0x85)[0x2ae735319eb5]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN12QApplication6notifyEP7QObjectP6QEvent+0x2a1)[0x2ae73531adf1]
> /opt/kde3/lib64/libkdecore.so.4(_ZN12KApplication6notifyEP7QObjectP6QEvent+0x198)[0x2ae734d5fe38]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN9QETWidget19translateMouseEventEPK7_XEvent+0x489)[0x2ae7352c2399]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN12QApplication15x11ProcessEventEP7_XEvent+0x6d3)[0x2ae7352c13f3]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN10QEventLoop13processEventsEj+0x41f)[0x2ae7352d040f]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN10QEventLoop9enterLoopEv+0x43)[0x2ae73532e963]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN7QDialog4execEv+0x7b)[0x2ae7354cfdbb]
> /opt/kde3/lib64/libkstapp.so.1(_ZN6KstApp14showDataWizardEv+0x35)[0x2ae7337b55d5]
> /opt/kde3/lib64/libkstapp.so.1(_ZN20KstQuickStartDialogI9qt_invokeEiP8QUObject+0xbd)[0x2ae73377950d]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN7QObject15activate_signalEP15QConnectionListP8QUObject+0x14c)[0x2ae735370adc]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN7QObject15activate_signalEi+0xa3)[0x2ae7353717b3]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN7QWidget5eventEP6QEvent+0x3c7)[0x2ae7353a37b7]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN12QApplication14internalNotifyEP7QObjectP6QEvent+0x85)[0x2ae735319eb5]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN12QApplication6notifyEP7QObjectP6QEvent+0x2a1)[0x2ae73531adf1]
> /opt/kde3/lib64/libkdecore.so.4(_ZN12KApplication6notifyEP7QObjectP6QEvent+0x198)[0x2ae734d5fe38]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN9QETWidget19translateMouseEventEPK7_XEvent+0x489)[0x2ae7352c2399]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN12QApplication15x11ProcessEventEP7_XEvent+0x6d3)[0x2ae7352c13f3]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN10QEventLoop13processEventsEj+0x41f)[0x2ae7352d040f]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN10QEventLoop9enterLoopEv+0x43)[0x2ae73532e963]
> /usr/lib/qt3/lib64/libqt-mt.so.3(_ZN10QEventLoop4execEv+0x22)[0x2ae73532e812]
> kst[0x40cd7b]
> /lib64/libc.so.6(__libc_start_main+0xf4)[0x2ae735d84ae4]
> kst(_ZN6QGListD0Ev+0x81)[0x406d69]
> KCrash: Application 'kst' crashing...
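
The failure mode in this thread, as an added example that is not kst's code and not part of either message: a file-type probe that copies the file name into a fixed buffer, written so that it declines names that do not fit instead of overrunning. `BASE_LEN`, `copy_bounded` and `probe_understands` are hypothetical, and the unbounded copy in the comment is an assumed pattern; the real buffer size and call in the frame data source are not given in the report.

```c
#include <stdio.h>
#include <string.h>

/* Assumed buffer size; the report does not state the real one. */
#define BASE_LEN 32

/* Assumed unsafe pattern (comment only, not compiled):
 *     char base[BASE_LEN];
 *     strcpy(base, filename);  // overruns on long names; a fortified
 *                              // glibc build then aborts in __chk_fail
 */

/* Bounded copy: 0 on success, -1 if src does not fit (never truncates). */
static int copy_bounded(char *dst, size_t dstsz, const char *src)
{
    int n;
    if (dst == NULL || src == NULL || dstsz == 0)
        return -1;
    n = snprintf(dst, dstsz, "%s", src);
    if (n < 0 || (size_t)n >= dstsz) {
        dst[0] = '\0';
        return -1;
    }
    return 0;
}

/* Hypothetical probe in the role understands_frame has in the backtrace:
 * it is run on whatever file the user picks, so it must decline (0)
 * instead of crashing when the name does not fit. */
int probe_understands(const char *path)
{
    char base[BASE_LEN];
    const char *slash;
    if (path == NULL)
        return 0;
    slash = strrchr(path, '/');
    if (copy_bounded(base, sizeof base, slash ? slash + 1 : path) != 0)
        return 0;            /* too long: fail closed */
    return base[0] != '\0';  /* empty basename is not a data file */
}

int main(void)
{
    /* File names from the report; the directory is constructed. */
    printf("%d\n", probe_understands("/data/bla.lst"));
    printf("%d\n", probe_understands(
        "/data/bsp1_int_posmatch_rawhashhits_preassembly.0.lst"));
    return 0;
}
```

Because a probe like this runs for every data source on any file the user selects, one plugin with an unchecked copy can abort the whole application on files that belong to a different plugin.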