Bug #1651
TBX: 0.7.8alpha: cqplib buffer overflow with long registry path parameter
| Status: | New | Start date: | 02/04/2016 | ||
|---|---|---|---|---|---|
| Priority: | Normal | Due date: | |||
| Assignee: | - | % Done: | 80% |
||
| Category: | SearchEngine | Spent time: | - | ||
| Target version: | TXM 0.7.8 |
Description
Java_org_txm_searchengine_cqp_MemCqiServer_start: start INIT CQILIB: PARAM: /usr/lib/TXM/cwb/bin/cqpserver PARAM: -I PARAM: /usr/lib/TXM/cwb/cqpserver.init PARAM: -r PARAM: ... very long parameter ... PARAM: -b PARAM: 1000000 PARAM: -d PARAM: OFF PARAM: -P PARAM: 4877 Parse options for app mode 3 *** buffer overflow detected ***: /usr/lib/jvm/java-7-openjdk-amd64/bin/java terminated ======= Backtrace: ========= /lib/x86_64-linux-gnu/libc.so.6(+0x7338f)[0x7f58e974b38f] /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x5c)[0x7f58e97e2c9c] /lib/x86_64-linux-gnu/libc.so.6(+0x109b60)[0x7f58e97e1b60] /usr/lib/TXM/cwb/bin/libcqpjni.so(+0x298c5)[0x7f58b64888c5] /usr/lib/TXM/cwb/bin/libcqpjni.so(check_available_corpora+0x38)[0x7f58b6488a48] /usr/lib/TXM/cwb/bin/libcqpjni.so(initialize_cqp+0x16b)[0x7f58b647c3eb] /usr/lib/TXM/cwb/bin/libcqpjni.so(Java_org_txm_searchengine_cqp_MemCqiServer_start+0x14c)[0x7f58b64a961c] [0x7f58dd012d98] ======= Memory map: ======== 00400000-00401000 r-xp 00000000 08:11 1212219 /usr/lib/jvm/java-7-openjdk-amd64/jre/bin/java 00600000-00601000 r--p 00000000 08:11 1212219 /usr/lib/jvm/java-7-openjdk-amd64/jre/bin/java 00601000-00602000 rw-p 00001000 08:11 1212219 /usr/lib/jvm/java-7-openjdk-amd64/jre/bin/java 00a18000-00a39000 rw-p 00000000 00:00 0 [heap]
happen after I imported a "P1719" corpus, if I empty TXM corpora and let only the "P1719" corpus. There is no buffer overflow.
Solution 1¶
it seems that the bug is provoked when the registry path argument is too long or when there is too much loaded corpus.
Find the buffer that fails and change its size.
Validation tests¶
SJ: need more precisions about the validation tests but OK here (Win 7 x64) with this long param command line: Starting NullSearchEngineServer: [C:\Tools\Textometrie\TXM\TXM_0.7.8_64bit\TXM\plugins\CWBInstaller_1.0.0.201604041021\res\win64\cqpserver.exe, -I, C:\Tools\Textometrie\TXM\TXM_0.7.8_64bit\TXM\plugins\CWBInstaller_1.0.0.201604041021\res\cqpserver.init, -r, C:\Users\s\TXM\corpora\graal\registry;C:\Users\s\TXM\corpora\VOEUX\registry;C:\Users\s\TXM\corpora\ANNOTATION\registry;C:\Users\s\TXM\corpora\brown\registry;C:\Users\s\TXM\corpora\CORPUSESTOUT\registry;C:\Users\s\TXM\corpora\discours-back\registry;C:\Users\s\TXM\corpora\EDITONODD\registry;C:\Users\s\TXM\corpora\LIVRETOPERA\registry;C:\Users\s\TXM\corpora\LIVRETSOPERA\registry;C:\Users\s\TXM\corpora\LIVRETSOPERAORIGINAL\registry;C:\Users\s\TXM\corpora\OPERANORMAL\registry;C:\Users\s\TXM\corpora\OPERATESTS\registry;C:\Users\s\TXM\corpora\PARTHA\registry;C:\Users\s\TXM\corpora\PERFS1\registry;C:\Users\s\TXM\corpora\PERFS3\registry;C:\Users\s\TXM\corpora\PERFS4\registry;C:\Users\s\TXM\corpora\PERFS5\registry;C:\Users\s\TXM\corpora\PERFS50\registry;C:\Users\s\TXM\corpora\PERFS6\registry;C:\Users\s\TXM\corpora\PERFS7\registry;C:\Users\s\TXM\corpora\PERFS8\registry;C:\Users\s\TXM\corpora\pressepapier4\registry;C:\Users\s\TXM\corpora\rcorpora\registry;C:\Users\s\TXM\corpora\TESTBUGIMPORTCHINOIS14\registry;C:\Users\s\TXM\corpora\TESTBUGIMPORTCHINOIS16\registry;C:\Users\s\TXM\corpora\TESTBUGIMPORTCHINOIS4_temp\registry;C:\Users\s\TXM\corpora\TESTVI\registry;C:\Users\s\TXM\corpora\TESTVI2\registry, -b, 1000000, -d, OFF, -P, 4877]
History
#1 Updated by Matthieu Decorde over 7 years ago
- Description updated (diff)
#2 Updated by Matthieu Decorde over 7 years ago
- % Done changed from 0 to 50
#3 Updated by Matthieu Decorde over 7 years ago
- Description updated (diff)
#4 Updated by Serge Heiden over 7 years ago
- Description updated (diff)
#5 Updated by Matthieu Decorde over 7 years ago
- Description updated (diff)
#6 Updated by Matthieu Decorde over 7 years ago
- Description updated (diff)
#7 Updated by Sebastien Jacquot over 7 years ago
- Description updated (diff)
#8 Updated by Matthieu Decorde over 7 years ago
- % Done changed from 50 to 80