A bug perhaps?


Post by methodic »

Hi,

I have a newLISP script that uses a shared library, and upon passing it a specific argument (JSON) with a specific length (63 characters), I am able to crash newLISP.

Here is the string that crashes it:

Code:

(set 'test "{\"ID\":\"somedumbuser@ahost.com\",\"DEBUG\":\"why does this crash63\"}")

These, however, will not crash newLISP:

Code:

(set 'test "{\"ID\":\"somedumbuser@ahost.com\",\"DEBUG\":\"why does this crash6\"}")
(set 'test "{\"ID\":\"somedumbuser@ahost.com\",\"DEBUG\":\"why does this crash630\"}")

GDB outputs the following; I tested this against 10.2.8 and 10.2.18:

Code:

Program received signal SIGSEGV, Segmentation fault.
copyCell (cell=0x10009) at newlisp.c:2013
2013	newCell->type = cell->type;
(gdb) bt
#0  copyCell (cell=0x10009) at newlisp.c:2013
#1  0x0804be82 in copyCell (cell=0x10009) at newlisp.c:2030
#2  0x08054409 in p_println (params=0x8089e20) at newlisp.c:5749
#3  0x0804e308 in evaluateExpression (cell=0x808ba20) at newlisp.c:1389
#4  0x08052361 in evaluateStream (stream=0xbffffa1c, outDevice=0, flag=1) at newlisp.c:1116
#5  0x080525c5 in loadFile (fileName=0xbffffddc "./test.lsp", offset=0, encryptFlag=0, context=0x8099e28) at newlisp.c:2995
#6  0x08053332 in main (argc=2, argv=0xbffffc84) at newlisp.c:733

Thanks!

Post by Lutz »

To investigate this I need more information:

(1) What "shared library" do you mean: a C library from which functions are imported, or do you mean one of the standard modules shipped with newLISP? Or perhaps a module which imports a C library?

(2) On what platform are you running 10.2.8 and 10.2.18, and is it newLISP 32bit or 64bit (if from the downloads page then it is 32bit; 64bit shows in the sign-on message)?

(3) What does test.lsp contain? Please cut down test.lsp to a minimum that still causes the crash; that helps and facilitates finding the problem.

I thought you meant perhaps the json.lsp module and tried this:

Code:

> (module "json.lsp")
MAIN
> (set 'test "{\"ID\":\"somedumbuser@ahost.com\",\"DEBUG\":\"why does this crash63\"}")
"{\"ID\":\"somedumbuser@ahost.com\",\"DEBUG\":\"why does this crash63\"}"
> (json2expr test)
(("ID" "somedumbuser@ahost.com") ("DEBUG" "why does this crash63"))

I also tried crash6 and crash630, but all went fine. This was with newLISP versions 10.2.8 and 10.2.18 on Mac OSX 10.6.

If you are talking about a C library I also need to know how the function you were calling was imported and/or wrapped by a newLISP function. In that case the problem may be the way you are passing parameters. See also here: http://www.newlisp.org/downloads/CodePa ... tml#toc-23

Post by methodic »

Sorry for the noise, Lutz; the bug was due to the shared library. It had to do with AES encryption, and the subroutine was expecting a NULL-terminated block-size string of 64 bytes.
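
The last post attributes the crash to a library routine that expects a NULL-terminated, 64-byte buffer; a 63-character string plus its terminator is exactly 64 bytes. The following is an added example, not code from this thread, newLISP, or the library: one way to enforce such a contract before calling into a C routine. The names `padded_size`, `prepare_block_input`, `AES_BLOCK`, `BUF_BYTES` and `SAMPLE` are hypothetical, and the 64-byte size is taken from the post.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define AES_BLOCK 16  /* AES block size in bytes */
#define BUF_BYTES 64  /* buffer size the routine in the thread expected */

/* The 63-character string from the first post. */
#define SAMPLE "{\"ID\":\"somedumbuser@ahost.com\",\"DEBUG\":\"why does this crash63\"}"

/* Hypothetical helper: bytes needed for `len` characters plus the
 * terminating NUL, rounded up to a whole number of AES blocks. */
size_t padded_size(size_t len)
{
    return (len + 1 + AES_BLOCK - 1) / AES_BLOCK * AES_BLOCK;
}

/* Hypothetical wrapper: copy `in` into a caller-owned BUF_BYTES buffer,
 * zero-padded and always NUL-terminated. Returns 0 on success and -1 when
 * the string plus its terminator does not fit, so the callee is never
 * handed a short or unterminated buffer. */
int prepare_block_input(const char *in, unsigned char out[BUF_BYTES])
{
    size_t len = 0;

    if (in == NULL || out == NULL)
        return -1;
    while (len < BUF_BYTES && in[len] != '\0')  /* bounded scan */
        len++;
    if (len == BUF_BYTES)                       /* no room for the NUL */
        return -1;
    memset(out, 0, BUF_BYTES);                  /* padding and terminator */
    memcpy(out, in, len);
    return 0;
}

int main(void)
{
    unsigned char buf[BUF_BYTES];
    size_t n = strlen(SAMPLE);
    int rc = prepare_block_input(SAMPLE, buf);

    printf("len=%zu padded=%zu rc=%d\n", n, padded_size(n), rc);
    return rc == 0 ? 0 : 1;
}
```

Passing the prepared buffer, rather than the interpreter's own string pointer, keeps any fixed-size read or write by the callee inside memory the caller owns.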
