Bug#665432: gnuplot: using stdin makes gnuplot crash
Vincent Lefevre
vincent at vinc17.net
Mon Mar 26 21:11:47 UTC 2012
On 2012-03-26 22:52:01 +0200, Vincent Lefevre wrote:
> It was supported in the past, at least up to 4.4 (by convention, '-'
> generally means stdin in command arguments when a filename is expected,
> even though this is not always documented). However I've just noticed
> that there's no such problem if I replace '-' by '/dev/stdin'. So,
> I suspect a parsing bug of the command line arguments.
Something more complex, as
echo | gnuplot -
does not crash.
FYI,
$ echo "foo" | valgrind gnuplot -
==11357== Memcheck, a memory error detector
==11357== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==11357== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==11357== Command: gnuplot -
==11357==
==11357== Invalid read of size 8
==11357== at 0x41EB76: ??? (in /usr/bin/gnuplot)
==11357== by 0x4226BB: ??? (in /usr/bin/gnuplot)
==11357== by 0x4166E4: ??? (in /usr/bin/gnuplot)
==11357== by 0x70A0EAC: (below main) (libc-start.c:228)
==11357== Address 0x0 is not stack'd, malloc'd or (recently) free'd
==11357==
==11357==
==11357== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==11357== Access not within mapped region at address 0x0
==11357== at 0x41EB76: ??? (in /usr/bin/gnuplot)
==11357== by 0x4226BB: ??? (in /usr/bin/gnuplot)
==11357== by 0x4166E4: ??? (in /usr/bin/gnuplot)
==11357== by 0x70A0EAC: (below main) (libc-start.c:228)
==11357== If you believe this happened as a result of a stack
==11357== overflow in your program's main thread (unlikely but
==11357== possible), you can try to increase the size of the
==11357== main thread stack using the --main-stacksize= flag.
==11357== The main thread stack size used in this run was 8388608.
[...]
A null pointer dereference?
The plot.c file contains:
if (argc > 1) {
#ifdef _Windows
TBOOLEAN noend = persist_cl;
#endif
/* load filenames given as arguments */
while (--argc > 0) {
++argv;
c_token = 0;
#ifdef _Windows
if (stricmp(*argv, "-noend") == 0 || stricmp(*argv, "/noend") == 0
|| stricmp(*argv, "-persist") == 0)
noend = TRUE;
else
#endif
if (!strncmp(*argv, "-persist", 2) || !strcmp(*argv, "--persist")) {
FPRINTF((stderr,"'persist' command line option recognized\n"));
} else if (strcmp(*argv, "-") == 0) {
interactive = TRUE;
while (!com_line());
interactive = FALSE;
} else if (strcmp(*argv, "-e") == 0) {
--argc; ++argv;
if (argc <= 0) {
fprintf(stderr, "syntax: gnuplot -e \"commands\"\n");
return 0;
}
do_string(*argv);
} else {
load_file(loadpath_fopen(*argv, "r"), gp_strdup(*argv), FALSE);
}
}
#ifdef _Windows
if (noend) {
interactive = TRUE;
while (!com_line());
}
#endif
} else {
/* take commands from stdin */
while (!com_line());
}
So, there seems to be a problem with com_line() while interactive
is TRUE (and I wonder what the intent is...).
--
Vincent Lefèvre <vincent at vinc17.net> - Web: <http://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <http://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
More information about the debian-science-maintainers
mailing list