Re: [bug-libunistring] SIGSEGV on malloc() failure

Re: [bug-libunistring] SIGSEGV on malloc() failure

[Bruno Haible]

[CCing bug-gnulib, since the function 'iconveh_open' comes from gnulib.]

Tim Rühsen wrote in
<https://lists.gnu.org/archive/html/bug-libunistring/2019-01/msg00000.html>:
> I just tested random malloc() failures and stumbled upon a SIGSEGV
> (details below).
> 
> Program received signal SIGSEGV, Segmentation fault.
> 0x00007ffff7dd1f61 in __gconv_close (cd=0x0) at gconv_close.c:34
> 34      gconv_close.c: Datei oder Verzeichnis nicht gefunden.
> (gdb) bt
> #0  0x00007ffff7dd1f61 in __gconv_close (cd=0x0) at gconv_close.c:34
> #1  0x00007ffff7dd185f in iconv_close (cd=<optimized out>) at
> iconv_close.c:35
> #2  0x00007ffff7c3ddc3 in libunistring_iconveh_open () from
> /usr/lib/x86_64-linux-gnu/libunistring.so.2
> #3  0x00007ffff7c3dfcd in libunistring_mem_iconveh () from
> /usr/lib/x86_64-linux-gnu/libunistring.so.2

Thanks for the report. The stack trace immediately tells me where
the problem comes from. This patch should fix it.

It has been a long-standing bug (introduced on 2009-08-30).


2019-01-26  Bruno Haible  <bruno@clisp.org>

	striconveh: Fix use of uninitialized iconv_t.
	Reported by Tim Rühsen <tim.ruehsen@gmx.de> in
	<https://lists.gnu.org/archive/html/bug-libunistring/2019-01/msg00000.html>.
	* lib/striconveh.c (iconveh_open): Correct the iconv_close argument.

diff --git a/lib/striconveh.c b/lib/striconveh.c
index d4cc503..91184be 100644
--- a/lib/striconveh.c
+++ b/lib/striconveh.c
@@ -73,7 +73,7 @@ iconveh_open (const char *to_codeset, const char *from_codeset, iconveh_t *cdp)
         {
           int saved_errno = errno;
           if (cd != (iconv_t)(-1))
-            iconv_close (cdp->cd);
+            iconv_close (cd);
           errno = saved_errno;
           return -1;
         }