This is the mail archive of the
libc-alpha@sourceware.cygnus.com
mailing list for the glibc project.
[iconv crashes]
- To: libc-alpha at sourceware dot cygnus dot com
- Subject: [iconv crashes]
- From: a-higuti at math dot sci dot hokudai dot ac dot jp (Akira Higuchi)
- Date: Thu, 1 Jun 2000 21:15:59 +0900 (JST)
- Cc: a at kondara dot org
>Submitter-Id: net
>Originator: Akira Higuchi
>Organization: Kondara Project
>Confidential: no
>Synopsis: iconv() crashes
>Severity: serious
>Priority: medium
>Category: libc
>Class: sw-bug
>Release: libc-2.1.90
>Environment:
Host type: i586-redhat-linux-gnu
System: Linux kemule 2.2.14-5k3 #1 Sun Apr 9 09:47:14 JST 2000 i686 unknown
Architecture: i686
Addons: c_stubs glibc-compat linuxthreads soft-fp
Build CFLAGS: -mpentium -D__USE_STRING_INLINES -fstrict-aliasing -mcpu=i586 -g -O3
Build CC: gcc
Compiler version: 2.95.3 19991030 (prerelease)
Kernel headers: 2.2.14-5k3
Symbol versioning: yes
Build static: yes
Build shared: yes
Build pic-default: no
Build profile: yes
Build omitfp: no
Build bounded: no
Build static-nss: no
Stdio: libio
>Description:
Gconv module is sometimes unmapped even if it's in use. Because of it,
iconv() crashes.
>How-To-Repeat:
Please compile and run the following program.
-------------- x8-------------- x8-------------- x8--------------
#include <stdio.h>
#include <iconv.h>
int main (void)
{
char *codesets[] =
{"ISO_8859-1", "ISO_8859-2", "ISO_8859-3", "ISO_8859-4",
"ISO_8859-5", "ISO_8859-6", "ISO_8859-7", "ISO_8859-8",};
iconv_t cd[8], cd_a, cd_b;
int i;
char buffer[1024], *to = buffer;
const char *from = "foobar";
size_t to_left = 1024, from_left = 6;
if ((cd_a = iconv_open ("EUC-JP", "UTF8")) == (iconv_t)-1)
exit (-1);
if ((cd_b = iconv_open ("EUC-JP", "SJIS")) == (iconv_t)-1)
exit (-1);
/* EUC-JP.so is mapped and reffered by two converters. */
iconv_close (cd_a);
/* cd_b is still open */
for (i = 0; i < 8; i++)
if ((cd[i] = iconv_open (codesets[i], "UTF8")) == (iconv_t)-1)
exit (-1);
for (i = 0; i < 8; i++)
iconv_close (cd[i]);
printf ("I'll crash\n");
/* use cd_b ... CRASH! */
printf ("%d\n", iconv (cd_b, &from, &from_left, &to, &to_left));
iconv_close (cd_b);
return 0;
}
-------------- x8-------------- x8-------------- x8--------------
>Fix:
Please apply the following patch.
-------------- x8-------------- x8-------------- x8--------------
--- iconv/gconv_dl.c.org Thu Jun 1 14:56:45 2000
+++ iconv/gconv_dl.c Thu Jun 1 17:55:19 2000
@@ -154,9 +154,9 @@
return;
if (obj == release_handle)
- /* This is the object we want to unload. Now set the release
- counter to zero. */
- obj->counter = 0;
+ /* This is the object we want to unload. Now decrement the reference
+ counter. */
+ obj->counter--;
else if (obj->counter <= 0)
{
if (--obj->counter < -TRIES_BEFORE_UNLOAD && obj->handle != NULL)
-------------- x8-------------- x8-------------- x8--------------
--------------------------------------
Akira Higuchi
Dept. of Mathematics, Hokkaido Univ.
Sapporo, Japan
a-higuti@math.sci.hokudai.ac.jp
a@kondara.org