Date:      Wed, 14 Oct 2009 02:35:06 +0200
From:      Dag-Erling Smørgrav <des@des.no>
To:        d@delphij.net
Cc:        FreeBSD Current <freebsd-current@freebsd.org>
Subject:   Re: sftp broken?
Message-ID:  <8663aiert1.fsf@ds4.des.no>
In-Reply-To: <4AD5073B.5030100@delphij.net> (Xin LI's message of "Tue, 13 Oct 2009 16:03:23 -0700")
References:  <4AD5073B.5030100@delphij.net>


Xin LI <delphij@delphij.net> writes:
> The backtrace shows that the access violation happens inside libc
> (glob*) but I have not yet got a clue why this would ever happen.

It's trying to dereference a NULL function pointer:

(gdb) frame 1
#1  0x0000000800ef9920 in glob2 (pathbuf=0x7fffffff5660, 
    pathend=0x7fffffff56a8, pathend_last=0x7fffffff7658, 
    pattern=0x7fffffff76a8, pglob=0x7fffffffd8d0, limit=0x7fffffffd720)
    at /usr/src/lib/libc/gen/glob.c:844
844			return((*pglob->gl_lstat)(buf, sb));
(gdb) p pglob
$1 = (glob_t *) 0x7fffffffd8d0
(gdb) p *pglob
$2 = {gl_pathc = 0, gl_matchc = 0, gl_offs = 0, gl_flags = 216, 
  gl_pathv = 0x0, gl_errfunc = 0, gl_closedir = 0x408bfb <fudge_opendir>, 
  gl_readdir = 0x408b50 <fudge_lstat>, gl_opendir = 0x408b20 <fudge_stat>, 
  gl_lstat = 0, gl_stat = 0x7fffffffda00}

The problem is that OpenSSH wants to use its own version of glob(3), but
we don't compile it or link it in, so it calls ours with a struct pglob
that has the wrong layout.  The attached patch should fix that, I will
commit it when I've tested it more thoroughly.

DES
-- 
Dag-Erling Smørgrav - des@des.no


Attachment: openssh-glob.diff (text/x-patch, inline)

Index: crypto/openssh/ssh_namespace.h
===================================================================
--- crypto/openssh/ssh_namespace.h	(revision 197801)
+++ crypto/openssh/ssh_namespace.h	(working copy)
@@ -223,6 +223,8 @@
 #define get_u32					ssh_get_u32
 #define get_u64					ssh_get_u64
 #define getrrsetbyname				ssh_getrrsetbyname
+#define glob					ssh_glob
+#define globfree				ssh_globfree
 #define host_hash				ssh_host_hash
 #define hostfile_read_key			ssh_hostfile_read_key
 #define hpdelim					ssh_hpdelim
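Review bot: the two new #define lines only take effect in translation units that include ssh_namespace.h ahead of the system <glob.h>, so confirm that every glob()/globfree() caller in the sftp client, and the bundled glob.c itself, picks up these renames; a caller that misses them still reaches libc's glob with a glob_t of the other layout, which is exactly the NULL gl_lstat in the backtrace. The entries sit in alphabetical order between getrrsetbyname and host_hash, so the placement matches the rest of the list.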
Index: secure/lib/libssh/Makefile
===================================================================
--- secure/lib/libssh/Makefile	(revision 197801)
+++ secure/lib/libssh/Makefile	(working copy)
@@ -19,7 +19,7 @@
 # compiled directly into sshd instead.
 
 # Portability layer
-SRCS+=	bsd-misc.c fmt_scaled.c getrrsetbyname.c \
+SRCS+=	bsd-misc.c fmt_scaled.c getrrsetbyname.c glob.c \
 	openssl-compat.c port-tun.c strtonum.c vis.c xcrypt.c xmmap.c
 # FreeBSD additions
 SRCS+=	version.c
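Review bot: adding glob.c to the portability-layer SRCS provides the ssh_glob implementation, but nothing in this hunk ensures that glob.c and its callers see OpenSSH's glob_t rather than the system one, so check the include order for this library before relying on it; since the two hunks only work together (rename plus source), the "test more thoroughly" step in the message should cover an sftp session that exercises glob, because a partial fix would reproduce the same layout mismatch.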

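The failure mode the message describes, reduced to a self-contained C demonstration. This is an added example, not code from the thread, OpenSSH or FreeBSD, and the field orders are constructed for illustration rather than copied from either project's glob.h: the caller fills the struct under one declaration, the library reads the same bytes under another, and the function pointer the library expects in gl_lstat comes out NULL while the caller's gl_lstat lands one slot later.

```c
#include <stddef.h>
#include <string.h>

typedef int (*stat_fn)(const char *path);

/* Constructed layouts: the caller's declaration carries one extra pointer
 * member (gl_statv) that the library's declaration does not know about. */
struct glob_caller {
    int gl_pathc, gl_matchc, gl_offs, gl_flags;
    char **gl_pathv;
    void **gl_statv;                       /* the extra member */
    int (*gl_errfunc)(const char *, int);
    stat_fn gl_lstat;
    stat_fn gl_stat;
};

struct glob_callee {
    int gl_pathc, gl_matchc, gl_offs, gl_flags;
    char **gl_pathv;
    int (*gl_errfunc)(const char *, int);
    stat_fn gl_lstat;
    stat_fn gl_stat;
};

static int fudge_lstat(const char *path) { (void)path; return 0; }
static int fudge_stat(const char *path)  { (void)path; return 0; }

/* The library's view of memory the caller filled in using its own layout. */
static struct glob_callee callee_view(void)
{
    struct glob_caller c = {0};
    struct glob_callee v;
    c.gl_lstat = fudge_lstat;     /* caller installs its replacements; */
    c.gl_stat = fudge_stat;       /* gl_errfunc is deliberately left NULL */
    memcpy(&v, &c, sizeof v);     /* same bytes, read through the other declaration */
    return v;
}

/* 1 if the library would call a NULL gl_lstat (the crash at glob.c:844)
 * and the caller's gl_lstat has shifted into the gl_stat slot. */
int callee_sees_null_lstat(void)
{
    struct glob_callee v = callee_view();
    return v.gl_lstat == NULL && v.gl_stat == fudge_lstat;
}

/* The check both sides must pass before sharing a struct across an ABI
 * boundary: identical size and identical offsets for the members used. */
int layouts_agree(void)
{
    return sizeof(struct glob_caller) == sizeof(struct glob_callee)
        && offsetof(struct glob_caller, gl_lstat) == offsetof(struct glob_callee, gl_lstat);
}
```

With a single shared header, as the patch arranges, layouts_agree() is the property the build should be able to assert statically.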