Message-ID: <200307091822.h69IM1Ie023114@haackey.com>
From: neeko at haackey.com (Neeko Oni)
Subject: OS X Screensaver cause..
RE: OS X screensaver..
I feel like I'm beating a dead horse here, folks, as it seems like everyone is
taking this problem far too seriously (there are limits) but..
It doesn't look like a buffer overflow at all, really. Limited poking with
gdb and ktrace make it look like a memory allocation problem.
Few notes..
It takes me two tries to crash the screensaver on my 12" 10.2.6 (128mb) iBook.
First try, the pretty swirly graphical part dies and is reduced to an entirely
black background. The second time I'm dropped out of the screensaver and onto
the desktop.
A minor dump from ktrace:
--
551 ScreenSaverEngin GIO fd 2 wrote 44 bytes
"*** malloc[551]: error for object 0xf00b00: "
551 ScreenSaverEngin RET write 44/0x2c
551 ScreenSaverEngin CALL write(0x2,0x900d409c,0x6a)
551 ScreenSaverEngin GIO fd 2 wrote 106 bytes
"Incorrect checksum for freed object - object was probably modified aft\
er being freed; break at szone_error"
--
Filling the box with 'A's (on the second try, with the black background) and
watching with gdb gives us a lot of..
Program received signal EXC_BAD_ACCESS, Could not access memory.
0x90004288 in free_list_remove_ptr ()
(gdb) next
Single stepping until exit from function free_list_remove_ptr,
which has no line number information.
Program received signal EXC_BAD_ACCESS, Could not access memory.
0x90004288 in free_list_remove_ptr ()
(gdb)
And so on, and so forth. This goes on for a while, holding down entire
for a few minutes and it keeps going.. yawn.
--
Oh well, anyone else want to contribute something besides "Confirmed on xMac
10.2.xx!!!!" or silly unfounded comments about the cause (or security in
general)? Please do.
Apple, I've a newly found love for you. Please give us a patch so the
FUD-spreading never-used-OS-X-'bcuz'-'MAcsRGheyDood!' flamers will go away.
.Neeko
[Shpx Ohtgend :/]
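
The "Incorrect checksum for freed object ... modified after being freed" line in the ktrace dump above is an allocator integrity check firing. As an added illustration (not part of the original message and not Apple's allocator code), the following simplified model of a free list checksums the link words stored inside each freed block, so a write through a stale pointer is caught on the next allocation; every name and the MAGIC constant are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAGIC ((uintptr_t)0x357B)   /* constructed constant for this model */
typedef struct node { struct node *prev, *next; uintptr_t checksum; } node_t;
typedef union { node_t link; unsigned char data[64]; } block_t;
static block_t pool[4];             /* the whole toy heap */
static node_t *free_head;
static int heap_errors;

static uintptr_t sum(const node_t *n) {
    return (uintptr_t)n->prev ^ (uintptr_t)n->next ^ MAGIC;
}
/* Verify a free block's link words before trusting them. */
static int ok(const node_t *n) {
    if (n->checksum == sum(n)) return 1;
    heap_errors++;
    fprintf(stderr, "toy heap: incorrect checksum for freed object %p\n", (const void *)n);
    return 0;
}
/* The list links and their checksum are stored inside the freed block itself. */
void toy_free(void *p) {
    node_t *n = p;
    n->prev = NULL; n->next = free_head;
    n->checksum = sum(n);
    if (free_head && ok(free_head)) { free_head->prev = n; free_head->checksum = sum(free_head); }
    free_head = n;
}
void *toy_alloc(void) {
    node_t *n = free_head;
    if (!n || !ok(n)) return NULL;              /* refuse to follow corrupt links */
    if (n->next) {
        if (!ok(n->next)) return NULL;
        n->next->prev = NULL; n->next->checksum = sum(n->next);
    }
    free_head = n->next;
    return n;
}
void toy_init(void) {
    free_head = NULL; heap_errors = 0;
    for (size_t i = 0; i < sizeof pool / sizeof pool[0]; i++) toy_free(&pool[i]);
}
/* Write through a stale pointer after free, then allocate again. */
int demo_write_after_free(void) {
    toy_init();
    unsigned char *p = toy_alloc();
    toy_free(p);
    memset(p, 'A', sizeof(block_t));            /* clobbers prev, next and checksum */
    return toy_alloc() == NULL ? heap_errors : -1;
}
int main(void) { printf("corruptions detected: %d\n", demo_write_after_free()); return 0; }
```

Because the check runs when the block is next taken off the free list, the report appears at a later allocation rather than at the write that caused the damage.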