From nobody  Wed Apr  9 08:06:47 1997
Received: (from nobody@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id IAA24369;
          Wed, 9 Apr 1997 08:06:47 -0700 (PDT)
Message-Id: <199704091506.IAA24369@freefall.freebsd.org>
Date: Wed, 9 Apr 1997 08:06:47 -0700 (PDT)
From: J.Hogeveen@twiddle.com
To: freebsd-gnats-submit@freebsd.org
Subject: ls(1) gets segmentation fault. /usr/src/bin/ls/ls.c:428.
X-Send-Pr-Version: www-1.0

>Number:         3240
>Category:       bin
>Synopsis:       ls(1) gets segmentation fault. /usr/src/bin/ls/ls.c:428.
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Apr  9 08:10:01 PDT 1997
>Closed-Date:    Wed Apr 9 12:16:56 PDT 1997
>Last-Modified:  Wed Apr  9 12:19:12 PDT 1997
>Originator:     Jeroen Hogeveen
>Release:        2.2-STABLE
>Organization:
Twiddle
>Environment:
FreeBSD dot.twiddle.com 2.2-STABLE FreeBSD 2.2-STABLE #0: Thu Apr  3 10:26:03 GMT 1997     vego@dot.twiddle.com:/usr/src/sys/compile/DOT  i386
>Description:
Here is a quick output from the gdb debugger:

dot# gdb ./ls
GDB is free software and you are welcome to distribute copies of it
 under certain conditions; type "show copying" to see the conditions.
There is absolutely no warranty for GDB; type "show warranty" for details.
GDB 4.16 (i386-unknown-freebsd), Copyright 1996 Free Software Foundation, Inc...
(gdb) run -l /usr/ports
Starting program: /usr/obj/usr/src/bin/ls/./ls -l /usr/ports
Program received signal SIGSEGV, Segmentation fault.
0x1fba in display (p=0x33100, list=0x33b00) at /usr/src/bin/ls/ls.c:428
428                                     if ((ulen = strlen(user)) > maxuser)
(gdb) where
#0  0x1fba in display (p=0x33100, list=0x33b00) at /usr/src/bin/ls/ls.c:428
#1  0x1d32 in traverse (argc=1, argv=0xefbfd914, options=16)
    at /usr/src/bin/ls/ls.c:338
#2  0x1ba1 in main (argc=3, argv=0xefbfd90c) at /usr/src/bin/ls/ls.c:275
(gdb) quit
The program is running.  Quit anyway (and kill it)? (y or n) y

I think it gets the segmentation fault from doing a strlen(NULL).
Haven't checked if user is NULL yet, though, because of slow connection right now.
If I can find some more time soon, I'll look into it. (if it isn't fixed already, by then ;-)
>How-To-Repeat:
No idea.
The problem appears only when doing ls with -l on /usr/ports.
On my home system (also 2.2-STABLE) this problem does not occur, so it's
unique to the /usr/ports directory at dot.twiddle.com.
>Fix:
First guess: check if (user)
>Release-Note:
>Audit-Trail:

From: David Nugent <davidn@unique.usn.blaze.net.au>
To: J.Hogeveen@twiddle.com
Cc: freebsd-gnats-submit@FreeBSD.ORG
Subject: Re: bin/3240: ls(1) gets segmentation fault. /usr/src/bin/ls/ls.c:428.
Date: Thu, 10 Apr 1997 05:04:52 +1000

 On Wed Apr  9 08:06:47 EST 1997, J.Hogeveen@twiddle.com writes:
 > Starting program: /usr/obj/usr/src/bin/ls/./ls -l /usr/ports
 > Program received signal SIGSEGV, Segmentation fault.
 > 0x1fba in display (p=0x33100, list=0x33b00) at /usr/src/bin/ls/ls.c:428
 > 428                                     if ((ulen = strlen(user)) > maxuser)
 > (gdb) where
 > #0  0x1fba in display (p=0x33100, list=0x33b00) at /usr/src/bin/ls/ls.c:428
 > #1  0x1d32 in traverse (argc=1, argv=0xefbfd914, options=16)
 >     at /usr/src/bin/ls/ls.c:338
 > #2  0x1ba1 in main (argc=3, argv=0xefbfd90c) at /usr/src/bin/ls/ls.c:275
 > (gdb) quit
 > The program is running.  Quit anyway (and kill it)? (y or n) y
 ~
 
 > No idea.
 > The problem appears only when doing ls with -l on /usr/ports.
 > On my home system (also 2.2-STABLE) this problem does not occur, so it's
 > unique to the /usr/ports directory at dot.twiddle.com.
 
 Only because it probably contains a uid/gid that has no matching
 user in /etc/passwd & /etc/group (or, rather, their db equivalents).
 If this is the case, then the problem is pwcache.c in libc. A
 fix for that bug went in around a week ago. Not only ls is
 affected. I had the same problem briefly until I noticed the commit
 message and rebuilt 'world'.
 
 Note that since ls is statically linked, you'll have to not only
 rebuild libc, but relink ls as well.
 
 
 Regards,
 
 David Nugent - Unique Computing Pty Ltd - Melbourne, Australia
 Voice +61-3-9791-9547  Data/BBS +61-3-9792-3507  3:632/348@fidonet
 davidn@freebsd.org davidn@blaze.net.au http://www.blaze.net.au/~davidn/
State-Changed-From-To: open->closed 
State-Changed-By: mpp 
State-Changed-When: Wed Apr 9 12:16:56 PDT 1997 
State-Changed-Why:  
You need to update your libc.  To be more specific, you need 
to obtain revision 1.4.2.2 of libc/gen/pwcache.c.  There was a 
20 hour or so window where this was broken, and you seem to 
have stumbled across it. 
>Unformatted:
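
Added example, not part of the original report and not code from ls.c or pwcache.c: a caller-side guard for the condition discussed above, where a uid with no passwd entry makes the name lookup return NULL and the owner-width computation must not pass that to strlen(). The names owner_name, max_owner_width, name_lookup and sample_lookup are hypothetical, and the uids and the user "alice" are constructed sample data.

```c
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

typedef const char *(*name_lookup)(uid_t);   /* may return NULL */
/* Real lookup: getpwuid() returns NULL when the uid has no passwd entry. */
const char *passwd_lookup(uid_t uid)
{
    struct passwd *pw = getpwuid(uid);
    return pw != NULL ? pw->pw_name : NULL;
}

/* Constructed stand-in for a passwd database that knows only two uids. */
const char *sample_lookup(uid_t uid)
{
    if (uid == 0) return "root";
    if (uid == 1001) return "alice";
    return NULL;                    /* orphaned uid: no matching user */
}

/* Never returns NULL: an unknown uid is rendered as its decimal value. */
const char *owner_name(name_lookup look, uid_t uid, char *buf, size_t len)
{
    const char *name = look(uid);
    if (name != NULL)
        snprintf(buf, len, "%s", name);
    else
        snprintf(buf, len, "%lu", (unsigned long)uid);
    return buf;
}

/* Widest owner column, the value being computed at the reported crash site. */
size_t max_owner_width(name_lookup look, const uid_t *uids, size_t n)
{
    char buf[32];
    size_t maxuser = 0, ulen;
    for (size_t i = 0; i < n; i++)
        if ((ulen = strlen(owner_name(look, uids[i], buf, sizeof(buf)))) > maxuser)
            maxuser = ulen;
    return maxuser;
}

int main(void)
{
    const uid_t uids[] = { 0, 1001, 7654321 };   /* constructed sample owners */
    printf("owner column width: %zu\n", max_owner_width(sample_lookup, uids, 3));
    return 0;
}
```

Passing passwd_lookup instead of sample_lookup runs the same guard against the system's own passwd database.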
