[PATCH] Fix reading of "task_state_array"

Hi Dave,

Crash seems to assume that the "task_state_array" is NULL terminated. This is
not the case:

static const char *task_state_array[] = {
        "R (running)",          /*  0 */
        "S (sleeping)",         /*  1 */
...
        "X (dead)"              /* 32 */
};

I have a dump where this leads to a crash.

I think, when reading the array, we should use the array size as the
loop exit criterion instead of checking for NULL termination.

Michael
---
diff -Naurp crash-5.0.6/task.c crash-5.0.6-task_state_array-fix//task.c
--- crash-5.0.6/task.c	2010-07-19 21:21:33.000000000 +0200
+++ crash-5.0.6-task_state_array-fix//task.c	2010-08-27 15:22:16.000000000 +0200
@@ -4296,6 +4296,7 @@ initialize_task_state(void)
 	ulong bitpos;
 	ulong str, task_state_array;
 	char buf[BUFSIZE];
+	int i;
 
 	if (!symbol_exists("task_state_array") ||
 	    !readmem(task_state_array = symbol_value("task_state_array"),
@@ -4313,7 +4314,7 @@ old_defaults:
 	}
 		
 	bitpos = 0;
-	while (str) {
+	for (i = 0; i < get_array_length("task_state_array", NULL, 0); i++) {
 		if (!read_string(str, buf, BUFSIZE-1))
 			break;
 
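Review bot: the new for-loop header calls get_array_length("task_state_array", NULL, 0) on every iteration and replaces the `while (str)` guard outright instead of adding to it. Hoist the length into a local before the loop and keep the NULL test as a second exit condition, so that a zero length (the array size not being known for this kernel) or a NULL slot ends the walk cleanly instead of handing a NULL address to read_string or silently running zero iterations, e.g. `len = get_array_length("task_state_array", NULL, 0);` followed by `for (i = 0; i < len && str; i++) {`. The loop body (outside this hunk) must still advance str per element; otherwise the bound is the only thing keeping the read within the array.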

Crash assumes that the "task_state_array" is NULL terminated. This is not the
case:

static const char *task_state_array[] = {
        "R (running)",          /*  0 */
        "S (sleeping)",         /*  1 */
...
        "X (dead)"              /* 32 */
};

When reading the array, we should use the array size as the exit criterion instead
of checking for NULL termination.
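The over-read described above, reproduced on a constructed memory image as an added example (this is not code from crash or from the patch). A three-entry array of string pointers is laid out with no NULL terminator and unrelated data right after it; two walkers then read it back through readmem()-style bounds-checked helpers, one trusting a NULL terminator and one bounded by the element count. The `image_*` helpers, the fake addresses and the strings are all constructed here, and `ARRAY_LEN` stands in for what `get_array_length()` would return.

```c
/*
 * Added example, not code from crash or from this patch.  A constructed
 * memory image holds a three-entry array of string pointers with no NULL
 * terminator, followed by unrelated data.  Two walkers read it back:
 * one trusts a NULL terminator, the other is bounded by the element count.
 */
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IMAGE_BASE 0x1000ULL          /* constructed fake load address */
#define IMAGE_SIZE 256
#define ARRAY_ADDR (IMAGE_BASE + 64)  /* constructed address of the array */
#define ARRAY_LEN  3                  /* stands in for get_array_length() */

static unsigned char image[IMAGE_SIZE];
static int image_built;
static int last_hit_unmapped;

/* Bounds-checked read of the image; 0 on an unmapped range, like readmem(). */
static int image_readmem(uint64_t addr, void *buf, size_t len)
{
    if (addr < IMAGE_BASE || len > IMAGE_SIZE ||
        addr - IMAGE_BASE > IMAGE_SIZE - len)
        return 0;
    memcpy(buf, image + (addr - IMAGE_BASE), len);
    return 1;
}

/* Copy a NUL-terminated string out of the image, byte by byte. */
static int image_read_string(uint64_t addr, char *buf, size_t maxlen)
{
    size_t i;
    for (i = 0; i + 1 < maxlen; i++) {
        if (!image_readmem(addr + i, &buf[i], 1))
            return 0;
        if (buf[i] == '\0')
            return 1;
    }
    buf[i] = '\0';          /* truncated, but still a valid string */
    return 1;
}

static void put_u64(size_t off, uint64_t v)
{
    memcpy(image + off, &v, sizeof v);
}

/* Build the constructed dump once: strings, the array, then its neighbours. */
static void build_image(void)
{
    if (image_built)
        return;
    memset(image, 0, sizeof image);
    strcpy((char *)image + 0,  "R (running)");
    strcpy((char *)image + 16, "S (sleeping)");
    strcpy((char *)image + 32, "X (dead)");
    put_u64(64, IMAGE_BASE + 0);   /* array[0] */
    put_u64(72, IMAGE_BASE + 16);  /* array[1] */
    put_u64(80, IMAGE_BASE + 32);  /* array[2]: last real entry, no NULL after it */
    put_u64(88, IMAGE_BASE + 16);  /* next variable: happens to look like a pointer */
    put_u64(96, 0xdeadbeefULL);    /* next variable: not mapped in the image */
    image_built = 1;
}

/* Shared walk: stop at a NULL slot, an unmapped slot or string, or max entries. */
static int walk(uint64_t array, int max)
{
    uint64_t ptr;
    char buf[32];
    int n = 0;

    build_image();
    last_hit_unmapped = 0;
    while (n < max) {
        uint64_t slot = array + (uint64_t)n * sizeof ptr;
        if (!image_readmem(slot, &ptr, sizeof ptr) || ptr == 0)
            break;
        if (!image_read_string(ptr, buf, sizeof buf)) {
            last_hit_unmapped = 1;   /* a real dump reader may fault here */
            break;
        }
        n++;
    }
    return n;
}

/* Old pattern: no bound, only a (here absent) NULL terminator ends the walk. */
static int walk_until_null(uint64_t array) { return walk(array, INT_MAX); }

/* Fixed pattern: the known element count bounds the walk. */
static int walk_bounded(uint64_t array, int len) { return walk(array, len); }

/* Whether the last walk tried to dereference an unmapped pointer. */
static int walk_hit_unmapped(void) { return last_hit_unmapped; }

int main(void)
{
    int n = walk_until_null(ARRAY_ADDR);
    printf("NULL-terminated walk: %d entries, unmapped read: %s\n",
           n, walk_hit_unmapped() ? "yes" : "no");
    n = walk_bounded(ARRAY_ADDR, ARRAY_LEN);
    printf("bounded walk:         %d entries, unmapped read: %s\n",
           n, walk_hit_unmapped() ? "yes" : "no");
    return 0;
}
```

The unbounded walk consumes the neighbouring variable as a fourth "state" and then follows a garbage pointer; in a real dump reader that last step is where the fault lands. The bounded walk stops after the third entry without touching anything past the array.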

--
Crash-utility mailing list
Crash-utility@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/crash-utility
