View topic - WIP 2006-12-17 0.72 Beta 5

  • Site Admin
  • Joined: 08 Jul 2001
  • Posts: 8649
  • Location: Paris, France
WIP 2006-12-17 0.72 Beta 5
Post Posted: Sun Dec 17, 2006 4:40 pm
Heya,

A new MEKA 2006-12-17 snapshot is available:
http://www.smspower.org/meka/wip/
Not much since last (old old) snapshot, but hopefully I'm on track to release a decent 0.72 someday.

Note: TV mode is broken as far as I know. It's an old WIP breakage.
Otherwise, if you have some time, please switch to this version and report how it works, if it's not any worse than previous versions.

 MEKA 0.72 WIP 20061217
 ----------------------
  - Updated k.
  - Emulation:
    - Fixed data corruption/overflow in VDP emulation when seeking and
      writing to an invalid palette address. Thanks Maxim. [Omar]
    - VDP palette writes do not mask out the current VDP address, so performing
      the (improbable) set address/access palette/access VRAM sequence will
      keep the address in the full 16KB range. [Omar]
    - Fixed VDP line interrupts not properly running in overscan area in
      224 lines mode. Fixes bottom of the screen in Charles Mac Donald's
      BB2K6 demo. [Omar]
  - Video:
    - Changed default fullscreen blitter configuration in the hope of getting
      something more compatible (640x480 by default), as so many people have
      problems with fullscreen modes.
    - Got rid of "parallel" blitter that displayed both odd and even frame
      next to each other. Seems useless now. Could be brought back if some
      four-eyed person requests it. [Omar]
  - Debugger:
    - Added "CLOCK" command, to display/reset a Z80 cycle counter.
      Very simple but can be helpful to time Z80 routines. [Omar]
    - (Win32) Forward debugging log to Windows debugging stream via
      OutputDebugString(), so running MEKA from Microsoft Visual studio
      will display log in the 'Output' window. [Omar]
  - Project:
    - (Win32) Added new targets supporting shared standard libraries. [Omar]
    - Updated SOURCES.TXT documentation. [Omar]
  - GUI:
    - Fixed background picture not loading on startup. [Omar]
    - Removed closing fadeout since the current implementation is way
      inefficient and cannot guarantee proper speed. [Omar]
  - Added and modified entries in the checksum and compatibility lists. [Omar]
    Some particular renaming includes:
          SMS - e5ff50d8 - Back to the Future II                --> Back to the Future Part II
          SMS - 2d48c1d3 - Back to the Future III               --> Back to the Future Part III
          SMS - 953f42e1 - Castle of Illusion                   --> Castle of Illusion - Starring Mickey Mouse
          SMS - b9db4282 - Castle of Illusion (US)              --> Castle of Illusion - Starring Mickey Mouse (US)
          SMS - 59840fd6 - Castle of Illusion [SMS-GG]          --> Castle of Illusion - Starring Mickey Mouse [SMS-GG]
          SMS - 9942b69b - Castle of Illusion [SMS-GG] (JP)     --> Castle of Illusion - Starring Mickey Mouse [SMS-GG] (JP)
          SMS - 42fc3a6e - Deep Duck Trouble                    --> Deep Duck Trouble - Starring Donald Duck
          SMS - 695a9a15 - Jungle Book, The                     --> Jungle Book, The (Walt Disney's Classic)
          SMS - 24e97200 - Land of Illusion                     --> Land of Illusion - Starring Mickey Mouse
          SMS - 6350e649 - Legend of Illusion (BR)              --> Legend of Illusion - Starring Mickey Mouse (BR)
          SMS - c352c7eb - Lion King, The                       --> Lion King, The (Disney's)
          SMS - 1de2c2d0 - Strategic Defense Initiative (JP)    --> SDI (JP)
          GG  - bb4f23ff - Adventures of Batman and Robin       --> Adventures of Batman & Robin, The
          GG  - 423803a7 - Gambler Jikochuushin Ha (JP)         --> Gyuwanburaa Jikochuushin Ha (JP)
          GG  - 90100884 - Jungle Book, The                     --> Jungle Book, The (Walt Disney's Classic)
          GG  - 30c09f31 - Jungle Book, The (US)                --> Jungle Book, The (Walt Disney's Classic) (US)
          GG  - 52dbf3e1 - Land of Illusion                     --> Land of Illusion - Starring Mickey Mouse
          GG  - 0117c3df - Land of Illusion (JP)                --> Mickey Mouse no Mahou no Crystal (JP)
          GG  - 0cd9c20b - Lion King, The                       --> Lion King, The (Disney's) (EU)
          GG  - 9808d7b3 - Lion King, The (US)                  --> Lion King, The (Disney's) (US)
          GG  - cc90c723 - Pocket Jong Sou (JP)                 --> Pocket Jansou (JP)
          GG  - 445d7cd2 - Royal Stone (JP)                     --> Royal Stone ~Hikarishi Toki no Tobira~ (JP)
          GG  - 95efd52b - Ryu Kyu (JP)                         --> Ryuu Kyuu (JP)
          GG  - 09f9ed60 - Shadam Crusader (JP)                 --> Shadam Crusader ~Harukanaru Oukoku~ (JP)
          SG1 - 545fc9bb - Ashizawa's Hatchidan Tsumeshogi (JP) --> Ashizawa Hachidan no Tsumeshogi (JP)
          SG1 - 5970a12b - Champion Baseball                    --> Champion Baseball [16k]
          SG1 - 09196fc5 - N-Sub (1988)                         --> N-Sub [16k] (1988)
          SC3 - 622010e1 - Sega Music Editor                    --> Music
          SC3 - b67ea1c4 - Sega Music Editor                    --> Music [BAD]
          SC3 - 2ec28526 - Sega Music Editor (JP)               --> Music (JP)
          SC3 - ae4f92cf - Uranai Angel Cuty (JP)               --> Uranai Angel Cutie (JP)

 
 MEKA 0.72 WIP 20051203
 ----------------------
  - GUI:
    - Fixed bug with window closing button widget. [Omar]
    - Fixed bug when quitting using the menu, configuration files were
      not saved. Thanks Jacko. [Omar]
    - (Un*x) Fixed bug where menus would not clear themselves. [Omar]
      (This was due to Allegro.h defining TRUE as -1 and a 1 value being
      hardcoded in some part of the code).
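The two VDP fixes in the changelog above (a data overflow on a palette write to an invalid address, and the address register no longer being masked by a palette access) are the classic unchecked-index bug in an emulator's port handler. The C below is an added example, not MEKA's code: a simplified SMS VDP port model with a 16 KB VRAM and a 32-entry SMS palette (CRAM), taking the two control-port bytes that set the 14-bit address and 2-bit code. It shows the raw index an unchecked palette write would use, masks the index so a code-3 write at any address lands inside the table, and keeps the auto-incremented address inside the 14-bit range so a later VRAM access after a palette access still sees the full 16 KB. The control-port encoding (low byte first, then six address bits plus the code in the top two bits, code 3 selecting the palette) follows the SMS VDP; the read path is simplified and omits the hardware's read-ahead buffer, and all type and function names are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified SMS VDP port model (added example, not MEKA's code). */
#define VRAM_SIZE       0x4000          /* 16 KB: the VDP address is 14 bits wide */
#define CRAM_SIZE       32              /* SMS palette: 32 one-byte entries (Game Gear: 64) */
#define CODE_CRAM_WRITE 3               /* control-port code that selects palette writes */

typedef struct {
    uint8_t  vram[VRAM_SIZE];
    uint8_t  cram[CRAM_SIZE];
    uint16_t address;                   /* current 14-bit address */
    uint8_t  code;                      /* 2-bit operation code from the last control write */
    uint8_t  latch;                     /* first control byte, waiting for the second */
    int      have_latch;
} vdp_t;

void vdp_reset(vdp_t *v) { memset(v, 0, sizeof *v); }

/* Control port: byte 1 is the address low byte; byte 2 carries the six
 * address high bits and the operation code in its top two bits. */
void vdp_control_write(vdp_t *v, uint8_t byte) {
    if (!v->have_latch) {
        v->latch = byte;
        v->have_latch = 1;
        return;
    }
    v->have_latch = 0;
    v->address = (uint16_t)(((byte & 0x3F) << 8) | v->latch);
    v->code = byte >> 6;
}

/* The index an unchecked palette write would use: the raw 14-bit address.
 * Any value >= CRAM_SIZE would write past the palette array. */
unsigned vdp_raw_palette_index(const vdp_t *v) { return v->address; }

/* Data port write, hardened: the palette index is masked into the table,
 * and the address register stays a 14-bit value after the auto-increment,
 * so a VRAM access following a palette access still uses the full range. */
void vdp_data_write(vdp_t *v, uint8_t data) {
    v->have_latch = 0;
    if (v->code == CODE_CRAM_WRITE)
        v->cram[v->address & (CRAM_SIZE - 1)] = data;
    else
        v->vram[v->address & (VRAM_SIZE - 1)] = data;
    v->address = (v->address + 1) & (VRAM_SIZE - 1);
}

/* Data port read (simplified: no read-ahead buffer). Reads always come
 * from VRAM at the masked address, whatever the current code is. */
uint8_t vdp_data_read(vdp_t *v) {
    uint8_t data;
    v->have_latch = 0;
    data = v->vram[v->address & (VRAM_SIZE - 1)];
    v->address = (v->address + 1) & (VRAM_SIZE - 1);
    return data;
}

int main(void) {
    vdp_t v;
    vdp_reset(&v);
    /* constructed sequence: palette write at address 0x1005 (code 3) */
    vdp_control_write(&v, 0x05);
    vdp_control_write(&v, 0xC0 | 0x10);
    printf("raw palette index 0x%X (%s)\n", vdp_raw_palette_index(&v),
           vdp_raw_palette_index(&v) >= CRAM_SIZE ? "out of bounds if unmasked" : "in bounds");
    vdp_data_write(&v, 0x01);
    printf("cram[5] = 0x%02X, address now 0x%04X\n", v.cram[5], v.address);
    return 0;
}
```

The masking with `CRAM_SIZE - 1` relies on the table size being a power of two, which holds for both the SMS (32) and Game Gear (64) palettes; for a table of any other size a comparison against the size is the equivalent check.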
  • Joined: 18 Aug 2006
  • Posts: 62
Post Posted: Wed Dec 20, 2006 6:41 pm
Nice release as usual Bock.

Now I have a question. Some Master System games (made in 1993, to be exact), such as Sonic Chaos and Deep Duck Trouble, have problems. Sometimes they are fine; other times the games crash after they get to the title card (level name). These problems have also been in previous releases.

Are they emulation bugs, game bugs or bad dumps?

Sound and frame rate seem better in this version for some reason.
  • Joined: 12 Apr 2005
  • Posts: 391
  • Location: London, United Kingdom
Post Posted: Wed Dec 20, 2006 6:45 pm
Yawackhary wrote
Sound and frame rate seem better in this version for some reason.
All of my frame-rate woes seem to have vanished in this release (I do modify the config files to run in a DirectX windowed mode which might be causing the problems in the first place, though).
  • Joined: 14 May 2006
  • Posts: 34
Makefile broken?
Post Posted: Sat Dec 23, 2006 11:37 am
I just tried to compile the latest Meka Wip under FC6 but I have the following error during make:


gcc -I. -I./tools -I./sound -Ilibs -I../include
-DUNIX -DX86_ASM -DMEKA_SOUND -DMEKA_ZIP -DMEKA_PNG -DMEKA_JOY -DMEKA_Z80_DEBUGGER
-Wall -march=pentium -O6 -ffast-math -fno-strength-reduce -funroll-all-loops -fomit-frame-pointer  -DMARAT_Z80 -c g_box.c -oobj/g_box.o
make: *** No rule to make target `obj/g_emu.o', needed by `../meka'.  Stop.


g_emu.c is no longer present in the sources.

If I remove (comment out) this dependency, I get the following error at link time:

obj/vdp.o: In function `VDP_VideoMode_Change':
vdp.c:(.text+0x94e): undefined reference to `gamebox_resize_all'
obj/vmachine.o: In function `Free_ROM':
vmachine.c:(.text+0x325): undefined reference to `gamebox_rename_all'
obj/country.o: In function `Set_Country_European_US':
country.c:(.text+0xde): undefined reference to `gamebox_rename_all'
obj/country.o: In function `Set_Country_JP':
country.c:(.text+0x16f): undefined reference to `gamebox_rename_all'
obj/inputs_u.o: In function `Inputs_Sources_Update':
inputs_u.c:(.text+0x8e6): undefined reference to `gamebox_instance'
obj/misc.o: In function `Change_System_Misc':
misc.c:(.text+0x334): undefined reference to `gamebox_resize_all'
obj/file.o: In function `Load_ROM_Misc':
file.c:(.text+0x2e0): undefined reference to `gamebox_rename_all'
obj/message.o: In function `Lang_Set':
message.c:(.text+0x3a3): undefined reference to `gamebox_rename_all'
obj/gui.o: In function `gui_redraw':
gui.c:(.text+0x997): undefined reference to `gamebox_draw'
obj/g_init.o: In function `gui_init':
g_init.c:(.text+0x225): undefined reference to `gamebox_create'
g_init.c:(.text+0x237): undefined reference to `gamebox_instance'
collect2: ld returned 1 exit status
make: *** [../meka] Error 1


Andrea.
  • Site Admin
  • Joined: 08 Jul 2001
  • Posts: 8649
  • Location: Paris, France
Post Posted: Sat Dec 23, 2006 2:03 pm
Hello Andrea.
Sorry, I just fixed that on the SVN repository. g_emu.o has been replaced by app_game.o, you can apply the change easily in your makefile.
  • Joined: 14 May 2006
  • Posts: 34
Post Posted: Sun Dec 24, 2006 9:24 am
Bock wrote
Hello Andrea.
Sorry, I just fixed that on the SVN repository. g_emu.o has been replaced by app_game.o, you can apply the change easily in your makefile.


Thanks. I fixed it.

I have the following issues on the current version of meka:

* Sound no longer crashes Meka as I reported previously here:
http://www.smspower.org/forums/viewtopic.php?t=8572

This time Meka seems to be slow as hell. The mouse pointer is seldom updated and I cannot do anything useful (clicking on a menu entry to load a game, etc.).

If I choose the "0. Silence" option everything is fine.

* make doesn't compile with -j3. Not a big problem anyway. This is usually done when making RPMs to be friendly to SMP processors.

* If I patch the Makefile to use $RPM_OPT_FLAGS in $CFLAGS, I get a
buffer overflow at runtime. This is quite bad since this is the right way to make RPMs.


$ meka

MEKA 0.72 WIP (c) Omar Cornut (Bock) and contributors
--
*** buffer overflow detected ***: ./meka terminated
======= Backtrace: =========
/lib/libc.so.6(__chk_fail+0x41)[0x2fa161]
/lib/libc.so.6[0x2fa8a8]
./meka(Filenames_Init+0x9d)[0x80936fd]
./meka(main+0xc7)[0x805c8c7]
/lib/libc.so.6(__libc_start_main+0xdc)[0x22ef2c]
./meka[0x805c161]
======= Memory map: ========
00110000-0020e000 r-xp 00000000 03:0a 377123     /usr/lib/libX11.so.6.2.0
0020e000-00212000 rwxp 000fe000 03:0a 377123     /usr/lib/libX11.so.6.2.0
00212000-00213000 rwxp 00212000 00:00 0
00213000-00218000 r-xp 00000000 03:0a 378465     /usr/lib/libXxf86dga.so.1.0.0
00218000-00219000 rwxp 00004000 03:0a 378465     /usr/lib/libXxf86dga.so.1.0.0
00219000-00350000 r-xp 00000000 03:0a 1671695    /lib/libc-2.5.so
00350000-00352000 r-xp 00137000 03:0a 1671695    /lib/libc-2.5.so
00352000-00353000 rwxp 00139000 03:0a 1671695    /lib/libc-2.5.so
00353000-00356000 rwxp 00353000 00:00 0
00356000-0035b000 r-xp 00000000 03:0a 377560     /usr/lib/libXdmcp.so.6.0.0
0035b000-0035c000 rwxp 00004000 03:0a 377560     /usr/lib/libXdmcp.so.6.0.0
0035c000-00364000 r-xp 00000000 03:0a 378384     /usr/lib/libXrender.so.1.3.0
00364000-00365000 rwxp 00007000 03:0a 378384     /usr/lib/libXrender.so.1.3.0
00365000-00369000 r-xp 00000000 03:0a 378433     /usr/lib/libXfixes.so.3.1.0
00369000-0036a000 rwxp 00003000 03:0a 378433     /usr/lib/libXfixes.so.3.1.0
0036a000-0036c000 rwxp 0036a000 00:00 0
00437000-00438000 rwxp 00437000 00:00 0
0045e000-00469000 r-xp 00000000 03:0a 1671236    /lib/libgcc_s-4.1.1-20061011.so.1
00469000-0046a000 rwxp 0000a000 03:0a 1671236    /lib/libgcc_s-4.1.1-20061011.so.1
005c4000-005d6000 r-xp 00000000 03:0a 376840     /usr/lib/libz.so.1.2.3
005d6000-005d7000 rwxp 00011000 03:0a 376840     /usr/lib/libz.so.1.2.3
0065a000-0067f000 r-xp 00000000 03:0a 1672603    /lib/libm-2.5.so
0067f000-00680000 r-xp 00024000 03:0a 1672603    /lib/libm-2.5.so
00680000-00681000 rwxp 00025000 03:0a 1672603    /lib/libm-2.5.so
007d7000-007f0000 r-xp 00000000 03:0a 1671170    /lib/ld-2.5.so
007f0000-007f1000 r-xp 00018000 03:0a 1671170    /lib/ld-2.5.so
007f1000-007f2000 rwxp 00019000 03:0a 1671170    /lib/ld-2.5.so
00839000-00842000 r-xp 00000000 03:0a 378436     /usr/lib/libXcursor.so.1.0.2
00842000-00843000 rwxp 00008000 03:0a 378436     /usr/lib/libXcursor.so.1.0.2
0099b000-00a7d000 r-xp 00000000 03:0a 378701     /usr/lib/liballeg-4.2.0.so
00a7d000-00a8d000 rwxp 000e1000 03:0a 378701     /usr/lib/liballeg-4.2.0.so
00a8d000-00aa2000 rwxp 00a8d000 00:00 0
00ae5000-00af4000 r-xp 00000000 03:0a 378379     /usr/lib/libXext.so.6.4.0
00af4000-00af5000 rwxp 0000e000 03:0a 378379     /usr/lib/libXext.so.6.4.0
00b57000-00b67000 r-xp 00000000 03:0a 377011     /usr/lib/libXpm.so.4.11.0
00b67000-00b68000 rwxp 00010000 03:0a 377011     /usr/lib/libXpm.so.4.11.0
00b80000-00b81000 r-xp 00b80000 00:00 0          [vdso]
00c26000-00c4b000 r-xp 00000000 03:0a 377600     /usr/lib/libpng12.so.0.10.0
00c4b000-00c4c000 rwxp 00024000 03:0a 377600     /usr/lib/libpng12.so.0.10.0
00e03000-00e16000 r-xp 00000000 03:0a 1672631    /lib/libpthread-2.5.so
00e16000-00e17000 r-xp 00012000 03:0a 1672631    /lib/libpthread-2.5.so
00e17000-00e18000 rwxp 00013000 03:0a 1672631    /lib/libpthread-2.5.so
00e18000-00e1a000 rwxp 00e18000 00:00 0
00e2f000-00e30000 rwxp 00e2f000 00:00 0
00ea7000-00ea8000 rwxp 00ea7000 00:00 0
00f51000-00f53000 r-xp 00000000 03:0a 378252     /usr/lib/libXau.so.6.0.0
00f53000-00f54000 rwxp 00001000 03:0a 378252     /usr/lib/libXau.so.6.0.0
00fa6000-00fa8000 r-xp 00000000 03:0a 1672577    /lib/libdl-2.5.so
00fa8000-00fa9000 r-xp 00001000 03:0a 1672577    /lib/libdl-2.5.so
00fa9000-00faa000 rwxp 00002000 03:0a 1672577    /lib/libdl-2.5.so
00ffb000-00fff000 r-xp 00000000 03:0a 378410     /usr/lib/libXxf86vm.so.1.0.0
00fff000-01000000 rwxp 00003000 03:0a 378410     /usr/lib/libXxf86vm.so.1.0.0
08048000-08103000 r-xp 00000000 03:0a 574967     /usr/libexec/meka/meka
08103000-08109000 rwxp 000ba000 03:0a 574967     /usr/libexec/meka/meka
08109000-082f9000 rwxp 08109000 00:00 0
0981b000-0983c000 rwxp 0981b000 00:00 0
bf8e9000-bf8ff000 rwxp bf8e9000 00:00 0          [stack]
Abortito


For the brave, a src.rpm of the latest version of meka for FC6 is available here:
http://www.webalice.it/musuruan/RPMS/wips/meka-0.72-0.1.20061217wip.src.rpm

If I am able to solve the reported problems, I can submit the RPM to Dribble to be enjoyed by every Fedora user.

Bye,

Andrea.
  • Site Admin
  • Joined: 08 Jul 2001
  • Posts: 8649
  • Location: Paris, France
Post Posted: Sun Dec 24, 2006 1:09 pm
Could you trace in Filenames_Init() and find out where the buffer overflow is?

I'm gonna fix a few of them, but just to be clear on the security issue, MEKA is not meant to run with the suid bit set. The running user is responsible for owning all configuration files used by MEKA.
  • Joined: 14 May 2006
  • Posts: 34
Post Posted: Sun Dec 24, 2006 6:11 pm
Bock wrote
Could you trace in Filenames_Init() and find out where the buffer overflow is?


Here is a trace:

Filenames_Init () at file.c:94
94          strcpy (Env.Paths.EmulatorDirectory, params_v [0]);
(gdb) step
98          p = strrchr (Env.Paths.EmulatorDirectory, '/');
(gdb) step
99          if (p)
(gdb) step
100             *p = EOSTR;
(gdb) step
112             strcpy (temp, Env.Paths.EmulatorDirectory);
(gdb) step
35          return __realpath_chk (__name, __resolved, __bos (__resolved));
(gdb) step
*** buffer overflow detected ***: /usr/libexec/meka/meka terminated


Here is the backtrace:

(gdb) backtrace
#0  0x00add402 in __kernel_vsyscall ()
#1  0x006ecd40 in raise () from /lib/libc.so.6
#2  0x006ee591 in abort () from /lib/libc.so.6
#3  0x0072218b in __libc_message () from /lib/libc.so.6
#4  0x007a5161 in __chk_fail () from /lib/libc.so.6
#5  0x007a58a8 in __realpath_chk () from /lib/libc.so.6
#6  0x080936fd in Filenames_Init () at /usr/include/bits/stdlib.h:35
#7  0x0805c8c7 in main (argc=Cannot access memory at address 0x11f1
) at meka.c:362


HTH. If you need something else, please ask.

Merry Xmas,

Andrea.
  • Joined: 24 Jul 2005
  • Posts: 57
  • Location: São Luís/MA - Brazil
Post Posted: Sun Jan 07, 2007 11:26 pm
I've just downloaded the latest MEKA WIP (17-12-2006) and had a few problems. Don't know why, but the main character is always running in one direction.

For instance:
In Phantasy Star Alis is always walking up.
In Sonic 1, he is always walking left.

In 0.71 this doesn't happen. Any clues?
Thanks a lot.
  • Site Admin
  • Joined: 08 Jul 2001
  • Posts: 8649
  • Location: Paris, France
Post Posted: Mon Jan 08, 2007 10:07 am
probert wrote
I've just downloaded the latest MEKA WIP (17-12-2006) and had a few problems. Don't know why, but the main character is always running in one direction.

For instance:
In Phantasy Star Alis is always walking up.
In Sonic 1, he is always walking left.

In 0.71 this doesn't happen. Any clues?
Thanks a lot.

Might you have a problem with a stuck key? Try enabling/disabling the joypad in the INPUTS-CONFIGURATION menu and see if it changes anything. Do you have a joypad plugged in that could be mis-calibrated under Windows? You can check in the Windows "Game Controllers" control panel.
  • Joined: 14 May 2006
  • Posts: 34
Post Posted: Sun Feb 04, 2007 3:32 pm
Bock wrote
Could you trace in Filenames_Init() and find out where the buffer overflow is?

I'm gonna fix a few of them, but just to be clear on the security issue, MEKA is not meant to run with suid bit set. Running user is responsible for owning all configuration files used by MEKA.


I think the attached patch solves the problem I reported.

Please let me know what you think.

Bye,

Andrea.

  • Site Admin
  • Joined: 08 Jul 2001
  • Posts: 8649
  • Location: Paris, France
Post Posted: Sat Feb 24, 2007 5:01 pm
musuruan wrote
I think the attached patch solves the problem I reported.
Please let me know what you think.


PATH_MAX doesn't seem portable (can't get it under Windows). I'll use an equivalent (probably MAXPATHLEN), but the string copy code is essentially unsafe anyway, so I'll rework it.
Just out of curiosity, what is the full path to your MEKA files?
  • Joined: 14 May 2006
  • Posts: 34
Post Posted: Sat Feb 24, 2007 6:42 pm
Bock wrote

PATH_MAX doesn't seem portable (can't get it under Windows). I'll use an equivalent (probably MAXPATHLEN), but the string copy code is essentially unsafe anyway, so I'll rework it.
Just out of curiosity, what is the full path to your MEKA files?


It is shorter than 256 chars, now that you make me think about it. Now I really don't know how my patch solved the issue for me.... where is this damn buffer overflow?

These are the CFLAGS I use to compile meka (they are the standard ones that the Fedora RPM build uses):

-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i386 -mtune=generic -fasynchronous-unwind-tables

Andrea.
  • Site Admin
  • Joined: 08 Jul 2001
  • Posts: 8649
  • Location: Paris, France
Post Posted: Sun Feb 25, 2007 9:25 am
Maybe argv[0] (called params[0] in this code extract) is at fault. Can you have it printed?
  • Joined: 14 May 2006
  • Posts: 34
Post Posted: Sun Feb 25, 2007 1:49 pm
Bock wrote
Maybe argv[0] (called params[0] in this code extract) is at fault. Can you have it printed?


Here is a full trace:


$ gdb /usr/libexec/meka/meka
GNU gdb Red Hat Linux (6.5-15.fc6rh)
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu"...Using host libthread_db library "/lib/libthread_db.so.1".

(gdb) start
Breakpoint 1 at 0x805c814: file meka.c, line 323.
Starting program: /usr/libexec/meka/meka
[Thread debugging using libthread_db enabled]
[New Thread 3740736 (LWP 10368)]
[Switching to Thread 3740736 (LWP 10368)]
main (argc=1, argv=0xbf8b6884) at meka.c:323
323     {
(gdb) step
335         ConsoleInit (); // First thing to do
(gdb) step
ConsoleInit () at message.c:373
373     }
(gdb) step
ConsoleInit () at message.c:366
366         ConsolePause = FALSE;
(gdb) step
373     }
(gdb) step
main (argc=1, argv=0xbf8b6884) at meka.c:339
339             ConsolePrintf ("\n%s (c) %s\n--\n", MEKA_NAME_VERSION, MEKA_AUTHORS);
(gdb) step
ConsolePrintf (format=0x80e63f3 "\n%s (c) %s\n--\n") at message.c:397
397         va_start (params, format);
(gdb) step
398         vsprintf (Msg_Buf, format, params);
(gdb) step
401         ConsolePrint(Msg_Buf);
(gdb) step
ConsolePrint (
    msg=0x810aa80 "\nMEKA 0.72 WIP (c) Omar Cornut (Bock) and contributors\n--\n") at message.c:421
421             printf("%s", msg);
(gdb) step

MEKA 0.72 WIP (c) Omar Cornut (Bock) and contributors
--
422             fflush (stdout);
(gdb) step
425     }
(gdb) step
ConsolePrint (msg=0x80e63f3 "\n%s (c) %s\n--\n") at message.c:422
422             fflush (stdout);
(gdb) step
0x002947b0 in fflush () from /lib/libc.so.6
(gdb) step
Single stepping until exit from function fflush,
which has no line number information.
ConsolePrintf (format=0x80e63f3 "\n%s (c) %s\n--\n") at message.c:402
402     }
(gdb) step
main (argc=Cannot access memory at address 0x0
) at meka.c:343
343         if (!ConsoleWaitForAnswer(TRUE))
(gdb) step
ConsoleWaitForAnswer (allow_run=-1) at message.c:450
450     }
(gdb) step
main (argc=1, argv=0xbf8b6884) at meka.c:348
348         params_v = malloc (sizeof (char *) * (params_c + 1));
(gdb) step
347         params_c = argc;
(gdb) step
348         params_v = malloc (sizeof (char *) * (params_c + 1));
(gdb) step
349         for (i = 0; i < params_c; i ++)
(gdb) step
348         params_v = malloc (sizeof (char *) * (params_c + 1));
(gdb) step
349         for (i = 0; i < params_c; i ++)
(gdb) step
351             params_v [i] = strdup (argv [i]);
(gdb) step
349         for (i = 0; i < params_c; i ++)
(gdb) step
351             params_v [i] = strdup (argv [i]);
(gdb) step
349         for (i = 0; i < params_c; i ++)
(gdb) step
351             params_v [i] = strdup (argv [i]);
(gdb) step
349         for (i = 0; i < params_c; i ++)
(gdb) step
356         params_v [i] = NULL;
(gdb) step
361         Meka_State = MEKA_STATE_INIT;
(gdb) print i
$1 = 1
(gdb) print params_c
$2 = 1
(gdb) print params_v[0]
$3 = 0x97a9198 "/usr/libexec/meka/meka"
(gdb) print params_v[1]
$4 = 0x0
(gdb) step
356         params_v [i] = NULL;
(gdb) step
362         Filenames_Init          (); // Set Filenames Values
(gdb) print params_v[1]
$5 = 0x0
(gdb) step
Filenames_Init () at /usr/include/bits/unistd.h:136
136       return __getcwd_alias (__buf, __size);
(gdb) step
87      {
(gdb) step
136       return __getcwd_alias (__buf, __size);
(gdb) step
94          strcpy (Env.Paths.EmulatorDirectory, params_v [0]);
(gdb) print params_v [0]
$6 = 0x97a9198 "/usr/libexec/meka/meka"
(gdb) step
98          p = strrchr (Env.Paths.EmulatorDirectory, '/');
(gdb) print Env.Paths.EmulatorDirectory
$7 = "/usr/libexec/meka/meka", '\0' <repeats>
(gdb) step
99          if (p)
(gdb) print p
No symbol "p" in current context.
(gdb) print strrchr (Env.Paths.EmulatorDirectory, '/')
$8 = 136428689
(gdb) step
100             *p = EOSTR;
(gdb) print Env.Paths.EmulatorDirectory
$9 = "/usr/libexec/meka/meka", '\0' <repeats>
(gdb) step
112             strcpy (temp, Env.Paths.EmulatorDirectory);
(gdb) print Env.Paths.EmulatorDirectory
$10 = "/usr/libexec/meka\000meka", '\0' <repeats>
(gdb) step
35          return __realpath_chk (__name, __resolved, __bos (__resolved));
(gdb) print temp
$11 = "/usr/libexec/meka\000�\000\f\000\000\000
\0009\000\001\000\000\000\000\000\000\000\001\000\000\000`g\213��
\006�\000\210J\005\b�f\213�Xg\213�\177�\020\b-2@�\000\000\000
\000�f\213�\200�\020\b��\"\000�Q*\000\220g\213��\006�\000�J
\005\b\200�\020\b\000\000\000\000\001\200��\005l��\000\000\000
\000\200�\020\bgg\213�X\2257\000\177�\020\bX\2217\000P\2217\000
\030}!\0000\000\000\000 \000\000\0000\2217\000\004\000\000\000\000\000\000\000X\2217\000P
\2217\000\030}!\000 \000\000\000\020\000\000\000(\2217\000\004\000\000\000\000\000\000\000"...
(gdb) step
*** buffer overflow detected ***: /usr/libexec/meka/meka terminated
======= Backtrace: =========
/lib/libc.so.6(__chk_fail+0x41)[0x320361]
/lib/libc.so.6[0x320aa8]
/usr/libexec/meka/meka(Filenames_Init+0x9d)[0x80936fd]
/usr/libexec/meka/meka(main+0xc7)[0x805c8c7]
/lib/libc.so.6(__libc_start_main+0xdc)[0x254f2c]
/usr/libexec/meka/meka[0x805c161]
======= Memory map: ========
00110000-001f2000 r-xp 00000000 03:0a 378701     /usr/lib/liballeg-4.2.0.so
001f2000-00202000 rwxp 000e1000 03:0a 378701     /usr/lib/liballeg-4.2.0.so
00202000-00219000 rwxp 00202000 00:00 0
00219000-0021b000 r-xp 00000000 03:0a 378252     /usr/lib/libXau.so.6.0.0
0021b000-0021c000 rwxp 00001000 03:0a 378252     /usr/lib/libXau.so.6.0.0
0021c000-0021d000 rwxp 0021c000 00:00 0
0021d000-00230000 r-xp 00000000 03:0a 1672630    /lib/libpthread-2.5.so
00230000-00231000 r-xp 00012000 03:0a 1672630    /lib/libpthread-2.5.so
00231000-00232000 rwxp 00013000 03:0a 1672630    /lib/libpthread-2.5.so
00232000-00234000 rwxp 00232000 00:00 0
00234000-00239000 r-xp 00000000 03:0a 378465     /usr/lib/libXxf86dga.so.1.0.0
00239000-0023a000 rwxp 00004000 03:0a 378465     /usr/lib/libXxf86dga.so.1.0.0
0023a000-0023e000 r-xp 00000000 03:0a 378410     /usr/lib/libXxf86vm.so.1.0.0
0023e000-0023f000 rwxp 00003000 03:0a 378410     /usr/lib/libXxf86vm.so.1.0.0
0023f000-00376000 r-xp 00000000 03:0a 1672535    /lib/libc-2.5.so
00376000-00378000 r-xp 00137000 03:0a 1672535    /lib/libc-2.5.so
00378000-00379000 rwxp 00139000 03:0a 1672535    /lib/libc-2.5.so
00379000-0037c000 rwxp 00379000 00:00 0
0037c000-00381000 r-xp 00000000 03:0a 377560     /usr/lib/libXdmcp.so.6.0.0
00381000-00382000 rwxp 00004000 03:0a 377560     /usr/lib/libXdmcp.so.6.0.0
00382000-0038a000 r-xp 00000000 03:0a 378384     /usr/lib/libXrender.so.1.3.0
0038a000-0038b000 rwxp 00007000 03:0a 378384     /usr/lib/libXrender.so.1.3.0
0038b000-0038f000 r-xp 00000000 03:0a 378433     /usr/lib/libXfixes.so.3.1.0
0038f000-00390000 rwxp 00003000 03:0a 378433     /usr/lib/libXfixes.so.3.1.0
00390000-00393000 rwxp 00390000 00:00 0
00417000-00419000 r-xp 00000000 03:0a 1672576    /lib/libdl-2.5.so
00419000-0041a000 r-xp 00001000 03:0a 1672576    /lib/libdl-2.5.so
0041a000-0041b000 rwxp 00002000 03:0a 1672576    /lib/libdl-2.5.so
0049d000-0059b000 r-xp 00000000 03:0a 376947     /usr/lib/libX11.so.6.2.0
0059b000-0059f000 rwxp 000fd000 03:0a 376947     /usr/lib/libX11.so.6.2.0
005ea000-005f5000 r-xp 00000000 03:0a 1671794    /lib/libgcc_s-4.1.1-20070105.so.1
005f5000-005f6000 rwxp 0000a000 03:0a 1671794    /lib/libgcc_s-4.1.1-20070105.so.1
0080d000-00816000 r-xp 00000000 03:0a 378436     /usr/lib/libXcursor.so.1.0.2
00816000-00817000 rwxp 00008000 03:0a 378436     /usr/lib/libXcursor.so.1.0.2
008f2000-008f3000 r-xp 008f2000 00:00 0          [vdso]
00ac6000-00adf000 r-xp 00000000 03:0a 1671187    /lib/ld-2.5.so
00adf000-00ae0000 r-xp 00018000 03:0a 1671187    /lib/ld-2.5.so
00ae0000-00ae1000 rwxp 00019000 03:0a 1671187    /lib/ld-2.5.so
00bbf000-00be4000 r-xp 00000000 03:0a 377600     /usr/lib/libpng12.so.0.10.0
00be4000-00be5000 rwxp 00024000 03:0a 377600     /usr/lib/libpng12.so.0.10.0
00c03000-00c12000 r-xp 00000000 03:0a 378379     /usr/lib/libXext.so.6.4.0
00c12000-00c13000 rwxp 0000e000 03:0a 378379     /usr/lib/libXext.so.6.4.0
00c69000-00c8e000 r-xp 00000000 03:0a 1672578    /lib/libm-2.5.so
00c8e000-00c8f000 r-xp 00024000 03:0a 1672578    /lib/libm-2.5.so
00c8f000-00c90000 rwxp 00025000 03:0a 1672578    /lib/libm-2.5.so
00cac000-00cbc000 r-xp 00000000 03:0a 377011     /usr/lib/libXpm.so.4.11.0
00cbc000-00cbd000 rwxp 00010000 03:0a 377011     /usr/lib/libXpm.so.4.11.0
00dfe000-00e10000 r-xp 00000000 03:0a 376840     /usr/lib/libz.so.1.2.3
00e10000-00e11000 rwxp 00011000 03:0a 376840     /usr/lib/libz.so.1.2.3
08048000-08103000 r-xp 00000000 03:0a 524989     /usr/libexec/meka/meka
08103000-08109000 rwxp 000ba000 03:0a 524989     /usr/libexec/meka/meka
08109000-082f9000 rwxp 08109000 00:00 0
097a9000-097ca000 rwxp 097a9000 00:00 0
bf8a4000-bf8b9000 rwxp bf8a4000 00:00 0          [stack]

Program received signal SIGABRT, Aborted.
0x008f2402 in __kernel_vsyscall ()
(gdb)


I am neither a C nor a gdb expert, unfortunately...

HTH,

Andrea.
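The abort in the trace above comes from glibc's fortified realpath (`__realpath_chk`), not from the copy of argv[0] into the directory buffer: when the code is built with -D_FORTIFY_SOURCE=2, a realpath() call whose destination buffer the compiler can prove is smaller than PATH_MAX fails the check at runtime no matter how long the path actually is. That is why a path shorter than 256 characters still aborts, and why sizing the buffer to PATH_MAX made the problem disappear. The C below is an added example, not MEKA's code: a bounded replacement for the strcpy into the emulator-directory buffer that reports truncation instead of overflowing, and a resolver that either lets realpath(name, NULL) allocate the result or, when a caller-supplied buffer must be used, refuses one smaller than PATH_MAX with ENAMETOOLONG so the failure is a return value rather than an abort. The argv[0] value used in main() is the one printed in the trace; the function names and the fallback PATH_MAX value are assumptions.

```c
#define _XOPEN_SOURCE 700       /* expose realpath() under strict -std modes */
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#ifndef PATH_MAX
#define PATH_MAX 4096           /* assumption for platforms that do not define it */
#endif

/* Bounded replacement for strcpy(): copies src into dst[dst_size].
 * Returns 0 on success, -1 if src would not fit (dst is left empty). */
int copy_path_bounded(char *dst, size_t dst_size, const char *src) {
    size_t n = strlen(src);
    if (dst_size == 0)
        return -1;
    if (n >= dst_size) {
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, n + 1);
    return 0;
}

/* Derive the directory of the executable from an argv[0]-style string,
 * the way the traced Filenames_Init() does with strrchr(), but bounded.
 * A bare program name (no '/') yields ".". Returns 0 or -1 on truncation. */
int emulator_dir_from_argv0(char *dst, size_t dst_size, const char *argv0) {
    char *p;
    if (copy_path_bounded(dst, dst_size, argv0) != 0)
        return -1;
    p = strrchr(dst, '/');
    if (p)
        *p = '\0';
    else
        copy_path_bounded(dst, dst_size, ".");
    return 0;
}

/* Canonicalise a directory, letting libc allocate a large enough buffer.
 * Returns a malloc'd string the caller frees, or NULL with errno set. */
char *resolve_dir(const char *dir) {
    return realpath(dir, NULL);
}

/* Canonicalise into a caller-supplied buffer. glibc's fortified realpath
 * aborts on any destination smaller than PATH_MAX, so refuse such buffers
 * up front and report ENAMETOOLONG instead. Returns 0 or -1. */
int resolve_dir_into(char *buf, size_t bufsize, const char *dir) {
    if (bufsize < PATH_MAX) {
        errno = ENAMETOOLONG;
        return -1;
    }
    if (realpath(dir, buf) == NULL)
        return -1;              /* errno set by realpath() */
    return 0;
}

int main(void) {
    char dir[64];
    char *resolved;
    /* argv[0] as printed by gdb in the trace above */
    if (emulator_dir_from_argv0(dir, sizeof dir, "/usr/libexec/meka/meka") == 0)
        printf("emulator directory: %s\n", dir);
    resolved = resolve_dir("/");
    if (resolved) {
        printf("resolved: %s\n", resolved);
        free(resolved);
    } else {
        perror("realpath");
    }
    return 0;
}
```

Passing NULL as the second argument of realpath() is the simplest way out of the PATH_MAX portability problem raised in the thread: the returned string is exactly as long as needed and the fortify check never applies, at the cost of one free() per call.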