eepe "buffer overflow" crash (more info)

ccpetersen
Posts: 42
Joined: Tue Dec 27, 2011 7:54 pm
Country: -

eepe "buffer overflow" crash (more info)

Post by ccpetersen »

Current (r358) eepe download and local source built app exhibit the same crash if you use 10 character model names. Use 9 and you are ok.

Latest Ubuntu
Qt4.8.1

Any help appreciated.

*** buffer overflow detected ***: eepe terminated
======= Backtrace: =========
/lib/i386-linux-gnu/libc.so.6(__fortify_fail+0x45)[0xb65d7045]
/lib/i386-linux-gnu/libc.so.6(+0x102e1a)[0xb65d5e1a]
/lib/i386-linux-gnu/libc.so.6(+0x10214d)[0xb65d514d]
eepe[0x8073028]
eepe[0x8111bd7]
eepe[0x8111cc4]
/usr/lib/i386-linux-gnu/libQtCore.so.4(_ZN11QMetaObject8metacallEP7QObjectNS_4CallEiPPv+0x3d)[0xb694bc9d]
/usr/lib/i386-linux-gnu/libQtCore.so.4(_ZN11QMetaObject8activateEP7QObjectPKS_iPPv+0x54d)[0xb695b9bd]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN9QLineEdit15editingFinishedEv+0x35)[0xb71b8065]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN9QLineEdit13focusOutEventEP11QFocusEvent+0x98)[0xb71b8188]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN7QWidget5eventEP6QEvent+0x976)[0xb6d88716]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN9QLineEdit5eventEP6QEvent+0x7b)[0xb71b608b]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN19QApplicationPrivate13notify_helperEP7QObjectP6QEvent+0xc4)[0xb6d2ded4]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN12QApplication6notifyEP7QObjectP6QEvent+0x222)[0xb6d333a2]
/usr/lib/i386-linux-gnu/libQtCore.so.4(_ZN16QCoreApplication14notifyInternalEP7QObjectP6QEvent+0x8e)[0xb694497e]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN19QApplicationPrivate14setFocusWidgetEP7QWidgetN2Qt11FocusReasonE+0x1ca)[0xb6d2c40a]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN12QApplication15setActiveWindowEP7QWidget+0x54c)[0xb6d3202c]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN14QWidgetPrivate23deactivateWidgetCleanupEv+0x64)[0xb6d750f4]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN14QWidgetPrivate8hide_sysEv+0x2d)[0xb6dd5c1d]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN14QWidgetPrivate11hide_helperEv+0x75)[0xb6d89525]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN7QWidget10setVisibleEb+0x3c0)[0xb6d8b7f0]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN7QDialog10setVisibleEb+0x180)[0xb7281670]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN7QDialog4doneEi+0x39)[0xb72808e9]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN7QDialog6rejectEv+0x1a)[0xb727f11a]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN7QDialog10closeEventEP11QCloseEvent+0x82)[0xb727f6a2]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN7QWidget5eventEP6QEvent+0x8fb)[0xb6d8869b]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN19QApplicationPrivate13notify_helperEP7QObjectP6QEvent+0xc4)[0xb6d2ded4]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN12QApplication6notifyEP7QObjectP6QEvent+0x222)[0xb6d333a2]
/usr/lib/i386-linux-gnu/libQtCore.so.4(_ZN16QCoreApplication14notifyInternalEP7QObjectP6QEvent+0x8e)[0xb694497e]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN14QWidgetPrivate12close_helperENS_9CloseModeE+0x1f8)[0xb6d81c48]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN12QApplication16x11ClientMessageEP7QWidgetP7_XEventb+0x1a3)[0xb6dbbce3]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN12QApplication15x11ProcessEventEP7_XEvent+0xc8c)[0xb6db9d0c]
/usr/lib/i386-linux-gnu/libQtGui.so.4(+0x1f3eac)[0xb6de6eac]
/lib/i386-linux-gnu/libglib-2.0.so.0(g_main_context_dispatch+0x146)[0xb63d3d86]
/lib/i386-linux-gnu/libglib-2.0.so.0(+0x47125)[0xb63d4125]
/lib/i386-linux-gnu/libglib-2.0.so.0(g_main_context_iteration+0x41)[0xb63d4201]
/usr/lib/i386-linux-gnu/libQtCore.so.4(_ZN20QEventDispatcherGlib13processEventsE6QFlagsIN10QEventLoop17ProcessEventsFlagEE+0x67)[0xb6977887]
/usr/lib/i386-linux-gnu/libQtGui.so.4(+0x1f3aaa)[0xb6de6aaa]
/usr/lib/i386-linux-gnu/libQtCore.so.4(_ZN10QEventLoop13processEventsE6QFlagsINS_17ProcessEventsFlagEE+0x4d)[0xb694350d]
/usr/lib/i386-linux-gnu/libQtCore.so.4(_ZN10QEventLoop4execE6QFlagsINS_17ProcessEventsFlagEE+0xf9)[0xb69437a9]
/usr/lib/i386-linux-gnu/libQtCore.so.4(_ZN16QCoreApplication4execEv+0x9a)[0xb6948eba]
/usr/lib/i386-linux-gnu/libQtGui.so.4(_ZN12QApplication4execEv+0x24)[0xb6d2ba74]
eepe[0x8057ab7]
/lib/i386-linux-gnu/libc.so.6(__libc_start_main+0xf3)[0xb64ec4d3]
eepe[0x8058521]
======= Memory map: ========
08048000-0819a000 r-xp 00000000 08:01 3015193    /usr/bin/eepe
0819a000-0819b000 r--p 00151000 08:01 3015193    /usr/bin/eepe
0819b000-0819c000 rw-p 00152000 08:01 3015193    /usr/bin/eepe
08e5d000-09a19000 rw-p 00000000 00:00 0          [heap]
acde5000-acde6000 rw-p 00000000 00:00 0 
acde6000-acff5000 rw-s 00000000 00:04 10420229   /SYSV00000000 (deleted)
acff5000-ad204000 rw-s 00000000 00:04 10387460   /SYSV00000000 (deleted)
ad204000-ad256000 r--p 00000000 08:01 3934012    /usr/share/fonts/truetype/ubuntu-font-family/Ubuntu-B.ttf
ad256000-ad2a0000 r--p 00000000 08:01 1310748    /usr/share/fonts/truetype/msttcorefonts/Courier_New.ttf
ad2a0000-ad2f2000 r--p 00000000 08:01 3934012    /usr/share/fonts/truetype/ubuntu-font-family/Ubuntu-B.ttf
ad2f2000-ad352000 rw-s 00000000 00:04 10354691   /SYSV00000000 (deleted)
ad352000-ad499000 r-xp 00000000 08:01 3015080    /usr/lib/i386-linux-gnu/libxml2.so.2.7.8
ad499000-ad49d000 r--p 00147000 08:01 3015080    /usr/lib/i386-linux-gnu/libxml2.so.2.7.8
ad49d000-ad49e000 rw-p 0014b000 08:01 3015080    /usr/lib/i386-linux-gnu/libxml2.so.2.7.8
ad49e000-ad49f000 rw-p 00000000 00:00 0 
ad49f000-ad4d7000 r-xp 00000000 08:01 3019312    /usr/lib/i386-linux-gnu/libcroco-0.6.so.3.0.1
ad4d7000-ad4d8000 ---p 00038000 08:01 3019312    /usr/lib/i386-linux-gnu/libcroco-0.6.so.3.0.1
ad4d8000-ad4da000 r--p 00038000 08:01 3019312    /usr/lib/i386-linux-gnu/libcroco-0.6.so.3.0.1
ad4da000-ad4db000 rw-p 0003a000 08:01 3019312    /usr/lib/i386-linux-gnu/libcroco-0.6.so.3.0.1
ad4db000-ad512000 r-xp 00000000 08:01 3019682    /usr/lib/i386-linux-gnu/librsvg-2.so.2.36.1
ad512000-ad513000 r--p 00036000 08:01 3019682    /usr/lib/i386-linux-gnu/librsvg-2.so.2.36.1
ad513000-ad514000 rw-p 00037000 08:01 3019682    /usr/lib/i386-linux-gnu/librsvg-2.so.2.36.1
ad52a000-ad52b000 r-xp 00000000 08:01 3020135    /usr/lib/i386-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-svg.so
ad52b000-ad52c000 r--p 00000000 08:01 3020135    /usr/lib/i386-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-svg.so
ad52c000-ad52d000 rw-p 00001000 08:01 3020135    /usr/lib/i386-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-svg.so
ad52d000-ad549000 r--s 00000000 08:01 3546785    /usr/share/mime/mime.cache
ad549000-ae667000 r--p 00000000 08:01 135687     /usr/share/icons/hicolor/icon-theme.cache
ae667000-aef52000 r--p 00000000 08:01 131542     /usr/share/icons/gnome/icon-theme.cache
aef52000-af03b000 r--p 00000000 08:01 162937     /usr/share/icons/Humanity/icon-theme.cache
af03b000-af05e000 r--p 00000000 08:01 131422     /usr/share/icons/ubuntu-mono-dark/icon-theme.cache
af05e000-af06e000 r-xp 00000000 08:01 3019070    /usr/lib/i386-linux-gnu/gio/modules/libgioremote-volume-monitor.so
af06e000-af06f000 r--p 0000f000 08:01 3019070    /usr/lib/i386-linux-gnu/gio/modules/libgioremote-volume-monitor.so
af06f000-af070000 rw-p 00010000 08:01 3019070    /usr/lib/i386-linux-gnu/gio/modules/libgioremote-volume-monitor.so
af070000-af0d0000 rw-s 00000000 00:04 10321922   /SYSV00000000 (deleted)
af0d0000-af342000 rw-s 00000000 00:04 10289153   /SYSV00000000 (deleted)
af342000-af343000 ---p 00000000 00:00 0 
af343000-afb43000 rw-p 00000000 00:00 0 
afb43000-afb44000 ---p 00000000 00:00 0 
afb44000-b0344000 rw-p 00000000 00:00 0 
b0344000-b0345000 ---p 00000000 00:00 0 
b0345000-b0b45000 rw-p 00000000 00:00 0 
b0b45000-b0b46000 ---p 00000000 00:00 0 
b0b46000-b1346000 rw-p 00000000 00:00 0 
b1346000-b1395000 r-xp 00000000 08:01 3146754    /lib/i386-linux-gnu/libssl.so.1.0.0
b1395000-b1396000 ---p 0004f000 08:01 3146754    /lib/i386-linux-gnu/libssl.so.1.0.0
b1396000-b1398000 r--p 0004f000 08:01 3146754    /lib/i386-linux-gnu/libssl.so.1.0.0
b1398000-b139c000 rw-p 00051000 08:01 3146754    /lib/i386-linux-gnu/libssl.so.1.0.0
b139c000-b152e000 r-xp 00000000 08:01 3146673    /lib/i386-linux-gnu/libcrypto.so.1.0.0
b152e000-b153d000 r--p 00192000 08:01 3146673    /lib/i386-linux-gnu/libcrypto.so.1.0.0
b153d000-b1544000 rw-p 001a1000 08:01 3146673    /lib/i386-linux-gnu/libcrypto.so.1.0.0
b1544000-b1547000 rw-p 00000000 00:00 0 
b1552000-b155d000 r--p 00000000 08:01 169198     /usr/share/icons/Humanity-Dark/icon-theme.cache
b155d000-b1588000 r-xp 00000000 08:01 3016755    /usr/lib/i386-linux-gnu/qt4/plugins/bearer/libqnmbearer.so
b1588000-b1589000 r--p 0002a000 08:01 3016755    /usr/lib/i386-linux-gnu/qt4/plugins/bearer/libqnmbearer.so
b1589000-b158a000 rw-p 0002b000 08:01 3016755    /usr/lib/i386-linux-gnu/qt4/plugins/bearer/libqnmbearer.so
b158a000-b15c8000 r-xp 00000000 08:01 3016753    /usr/lib/i386-linux-gnu/qt4/plugins/bearer/libqconnmanbearer.so
b15c8000-b15c9000 r--p 0003e000 08:01 3016753    /usr/lib/i386-linux-gnu/qt4/plugins/bearer/libqconnmanbearer.so
b15c9000-b15ca000 rw-p 0003f000 08:01 3016753    /usr/lib/i386-linux-gnu/qt4/plugins/bearer/libqconnmanbearer.so
b15ca000-b15cb000 ---p 00000000 00:00 0 
b15cb000-b1dcb000 rw-p 00000000 00:00 0 
b1dcb000-b1e49000 r-xp 00000000 08:01 3016757    /usr/lib/i386-linux-gnu/libQtDBus.so.4.8.1
b1e49000-b1e4a000 r--p 0007d000 08:01 3016757    /usr/lib/i386-linux-gnu/libQtDBus.so.4.8.1
b1e4a000-b1e4b000 rw-p 0007e000 08:01 3016757    /usr/lib/i386-linux-gnu/libQtDBus.so.4.8.1
b1e4b000-b1e7d000 r-xp 00000000 08:01 3019347    /usr/lib/i386-linux-gnu/libdbusmenu-qt.so.2.6.0
b1e7d000-b1e7e000 r--p 00031000 08:01 3019347    /usr/lib/i386-linux-gnu/libdbusmenu-qt.so.2.6.0
b1e7e000-b1e7f000 rw-p 00032000 08:01 3019347    /usr/lib/i386-linux-gnu/libdbusmenu-qt.so.2.6.0
b1e7f000-b1e89000 r-xp 00000000 08:01 3020540    /usr/lib/i386-linux-gnu/qt4/plugins/menubar/libappmenu-qt.so
b1e89000-b1e8a000 r--p 00009000 08:01 3020540    /usr/lib/i386-linux-gnu/qt4/plugins/menubar/libappmenu-qt.so
b1e8a000-b1e8b000 rw-p 0000a000 08:01 3020540    /usr/lib/i386-linux-gnu/qt4/plugins/menubar/libappmenu-qt.so
b1e8b000-b1ee2000 r--p 00000000 08:01 3934017    /usr/share/fonts/truetype/ubuntu-font-family/Ubuntu-R.ttf
b1ee2000-b1f8a000 rw-p 00000000 00:00 0 
b1f8a000-b2032000 rw-s 00000000 00:04 10256384   /SYSV00000000 (deleted)
b2032000-b2092000 r-xp 00000000 08:01 3016773    /usr/lib/i386-linux-gnu/libtiff.so.4.3.4
b2092000-b2094000 r--p 0005f000 08:01 3016773    /usr/lib/i386-linux-gnu/libtiff.so.4.3.4
b2094000-b2095000 rw-p 00061000 08:01 3016773    /usr/lib/i386-linux-gnu/libtiff.so.4.3.4
b209d000-b20a9000 r-xp 00000000 08:01 3016756    /usr/lib/i386-linux-gnu/qt4/plugins/bearer/libqgenericbearer.so
b20a9000-b20aa000 r--p 0000b000 08:01 3016756    /usr/lib/i386-linux-gnu/qt4/plugins/bearer/libqgenericbearer.so
b20aa000-b20ab000 rw-p 0000c000 08:01 3016756    /usr/lib/i386-linux-gnu/qt4/plugins/bearer/libqgenericbearer.so
b20ab000-b20fe000 r-xp 00000000 08:01 3016734    /usr/lib/i386-linux-gnu/libQtSvg.so.4.8.1
b20fe000-b20ff000 r--p 00052000 08:01 3016734    /usr/lib/i386-linux-gnu/libQtSvg.so.4.8.1
b20ff000-b2100000 rw-p 00053000 08:01 3016734    /usr/lib/i386-linux-gnu/libQtSvg.so.4.8.1
b2100000-b2135000 r-xp 00000000 08:01 3019554    /usr/lib/i386-linux-gnu/liblcms.so.1.0.19
b2135000-b2136000 r--p 00034000 08:01 3019554    /usr/lib/i386-linux-gnu/liblcms.so.1.0.19
b2136000-b2137000 rw-p 00035000 08:01 3019554    /usr/lib/i386-linux-gnu/liblcms.so.1.0.19
b2137000-b2139000 rw-p 00000000 00:00 0 
b2139000-b21ba000 r-xp 00000000 08:01 3019580    /usr/lib/i386-linux-gnu/libmng.so.1.1.0.10
b21ba000-b21bc000 r--p 00081000 08:01 3019580    /usr/lib/i386-linux-gnu/libmng.so.1.1.0.10
b21bc000-b21bd000 rw-p 00083000 08:01 3019580    /usr/lib/i386-linux-gnu/libmng.so.1.1.0.10
b21c3000-b21c8000 r-xp 00000000 08:01 3164560    /lib/i386-linux-gnu/libnss_dns-2.15.so
b21c8000-b21c9000 r--p 00004000 08:01 3164560    /lib/i386-linux-gnu/libnss_dns-2.15.so
b21c9000-b21ca000 rw-p 00005000 08:01 3164560    /lib/i386-linux-gnu/libnss_dns-2.15.so
b21ca000-b21d1000 r-xp 00000000 08:01 3016737    /usr/lib/i386-linux-gnu/qt4/plugins/imageformats/libqtiff.so
b21d1000-b21d2000 r--p 00006000 08:01 3016737    /usr/lib/i386-linux-gnu/qt4/plugins/imageformats/libqtiff.so
b21d2000-b21d3000 rw-p 00007000 08:01 3016737    /usr/lib/i386-linux-gnu/qt4/plugins/imageformats/libqtiff.so
b21d3000-b2218000 r-xp 00000000 08:01 3019374    /usr/lib/i386-linux-gnu/libjpeg.so.8.0.2
b2218000-b2219000 r--p 00044000 08:01 3019374    /usr/lib/i386-linux-gnu/libjpeg.so.8.0.2
b2219000-b221a000 rw-p 00045000 08:01 3019374    /usr/lib/i386-linux-gnu/libjpeg.so.8.0.2
b221a000-b222a000 rw-p 00000000 00:00 0 
b222d000-b2231000 r-xp 00000000 08:01 3016731    /usr/lib/i386-linux-gnu/qt4/plugins/imageformats/libqtga.so
b2231000-b2232000 r--p 00003000 08:01 3016731    /usr/lib/i386-linux-gnu/qt4/plugins/imageformats/libqtga.so
b2232000-b2233000 rw-p 00004000 08:01 3016731    /usr/lib/i386-linux-gnu/qt4/plugins/imageformats/libqtga.so
b2233000-b2237000 r-xp 00000000 08:01 3015790    /usr/lib/i386-linux-gnu/qt4/plugins/imageformats/libqsvg.so
b2237000-b2238000 r--p 00003000 08:01 3015790    /usr/lib/i386-linux-gnu/qt4/plugins/imageformats/libqsvg.so
b2238000-b2239000 rw-p 00004000 08:01 3015790    /usr/lib/i386-linux-gnu/qt4/plugins/imageformats/libqsvg.so
b2239000-b223e000 r-xp 00000000 08:01 3018224    /usr/lib/i386-linux-gnu/qt4/plugins/imageformats/libqmng.so
b223e000-b223f000 r--p 00004000 08:01 3018224    /usr/lib/i386-linux-gnu/qt4/plugins/imageformats/libqmng.so
b223f000-b2240000 rw-p 00005000 08:01 3018224    /usr/lib/i386-linux-gnu/qt4/plugins/imageformats/libqmng.so
b2240000-b224e000 r-xp 00000000 08:01 3146811    /lib/i386-linux-gnu/libudev.so.0.13.0
b224e000-b224f000 r--p 0000e000 08:01 3146811    /lib/i386-linux-gnu/libudev.so.0.13.0
b224f000-b2250000 rw-p 0000f000 08:01 3146811    /lib/i386-linux-gnu/libudev.so.0.13.0
b2250000-b2265000 r-xp 00000000 08:01 3019075    /usr/lib/i386-linux-gnu/gvfs/libgvfscommon.so
b2265000-b2266000 r--p 00014000 08:01 3019075    /usr/lib/i386-linux-gnu/gvfs/libgvfscommon.so
b2266000-b2267000 rw-p 00015000 08:01 3019075    /usr/lib/i386-linux-gnu/gvfs/libgvfscommon.so
b2267000-b22ab000 r-xp 00000000 08:01 3019523    /usr/lib/i386-linux-gnu/libibus-1.0.so.0.401.0
b22ab000-b22ac000 r--p 00043000 08:01 3019523    /usr/lib/i386-linux-gnu/libibus-1.0.so.0.401.0
b22ac000-b22ad000 rw-p 00044000 08:01 3019523    /usr/lib/i386-linux-gnu/libibus-1.0.so.0.401.0
b22ad000-b22ff000 r--p 00000000 08:01 3933988    /usr/share/fonts/truetype/ttf-dejavu/DejaVuSansMono.ttf
b22ff000-b2300000 ---p 00000000 00:00 0 
b2300000-b2b00000 rw-p 00000000 00:00 0 
b2b00000-b2b2c000 rw-p 00000000 00:00 0 
b2b2c000-b2c00000 ---p 00000000 00:00 0 
Aborted (core dumped)

Edit: Build debug version in Qt Creator and, of course, it works when run with the debugger. Run a release or debug version standalone and it tanks when entering 10 character model names.

I have noticed it may take a long time for the locally built eepe versions to quit. They usually spit out the following:

QClipboard: Unable to receive an event from the clipboard manager in a reasonable time

I know I'm in over my head but I was really hoping to use eepe.

ccpetersen
Posts: 42
Joined: Tue Dec 27, 2011 7:54 pm
Country: -

Re: eepe "buffer overflow" crash (more info)

Post by ccpetersen »

I assume from the silence that I'm the only one with this particular problem. True?

Romolo
9x Developer
Posts: 1109
Joined: Sat Dec 31, 2011 12:11 am
Country: -
Location: Massa (MS), Tuscany, Italy

Re: eepe "buffer overflow" crash (more info)

Post by Romolo »

I confirm the bug:
the solution is to have at line 1879 of modeledit.cpp, instead of

strcpy((char*)&g_model.name,c);

memcpy((char*)&g_model.name,c,sizeof(g_model.name));

strings in C are null terminated, so a 10 char string needs a char[11] array...
MikeB
9x Developer
Posts: 17993
Joined: Tue Dec 27, 2011 1:24 pm
Country: -
Location: Poole, Dorset, UK

Re: eepe "buffer overflow" crash (more info)

Post by MikeB »

I was just going to look into this! I'll commit the change to the source code, I have to get Erazz to do the build, it's all done under linux and I don't have a version of linux. I tried under windows, complete failure!

Romolo: Did you locate the bug from the trace above?

Mike.

Edit: Updated source committed.
erskyTx/er9x developer
The difficult we do immediately,
The impossible takes a little longer!
Romolo
9x Developer
Posts: 1109
Joined: Sat Dec 31, 2011 12:11 am
Country: -
Location: Massa (MS), Tuscany, Italy

Re: eepe "buffer overflow" crash (more info)

Post by Romolo »

I tested in debugging mode...
Buffer overflow on strcpy confirmed also by valgrind..

Romolo
9x Developer
Posts: 1109
Joined: Sat Dec 31, 2011 12:11 am
Country: -
Location: Massa (MS), Tuscany, Italy

Re: eepe "buffer overflow" crash (more info)

Post by Romolo »

You may copy from companion9x:
It's a segfault i discovered a lot of time ago:

void ModelEdit::on_modelNameLE_editingFinished()
{
    // g_model.name is a fixed-width char[10]: copy at most 10 bytes, no terminator
    strncpy(g_model.name, ui->modelNameLE->text().toAscii(), 10);
    updateSettings();
}
Last edited by Romolo on Sun Nov 04, 2012 5:35 pm, edited 1 time in total.
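The two fixes above (memcpy with sizeof, strncpy with 10) both rely on the same idea: the name field is fixed-width with no room for a terminating NUL, so every copy into it and every read out of it must be bounded by the field size rather than by strlen(). The stand-in below is an added example written for this thread, not code from eepe or companion9x. ModelData, kModelNameLen, the guard canary and the space padding are my assumptions; the 10-byte width comes from the thread. It takes the source as a std::string held by the caller for the whole call, which is the other thing the valgrind report further down in this thread points at: the invalid read lands inside a block that was already freed, so the source buffer has to outlive the copy as well as being length-checked.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstring>
#include <iostream>
#include <string>

// Hypothetical stand-in for the model record: a 10-byte name field with no
// terminating NUL (assumption based on the thread: a 10-char name overflowed
// char[10] when copied with strcpy, which always appends a NUL).
constexpr std::size_t kModelNameLen = 10;

struct ModelData {
    char name[kModelNameLen];
    int  guard;  // canary right after the field; any overrun would clobber it
};

constexpr int kGuardValue = 0x5AA5;

// The original defect, shown only as a comment: strcpy writes strlen(c)+1 bytes,
// so a 10-character name writes 11 bytes into a 10-byte field.
//   strcpy((char*)&g_model.name, c);   // overflows by the NUL byte

// Bounded copy: at most kModelNameLen bytes are written, the remainder is
// padded, and no terminator is ever stored. The source is a std::string that
// the caller keeps alive for the duration of the call, so no dangling pointer
// to a temporary is involved. Returns how many characters were kept so the
// caller can tell the user the name was truncated.
std::size_t setModelName(ModelData& m, const std::string& text) {
    const std::size_t n = std::min(text.size(), kModelNameLen);
    std::memcpy(m.name, text.data(), n);               // reads exactly n bytes
    std::memset(m.name + n, ' ', kModelNameLen - n);   // pad, no stale bytes
    return n;
}

// Bounded read: the field has no NUL, so it must never go through strlen(),
// printf("%s") or a char* constructor. Build the string by length, then strip
// trailing padding (spaces from this writer, NULs if strncpy wrote the field).
std::string getModelName(const ModelData& m) {
    std::string s(m.name, kModelNameLen);
    while (!s.empty() && (s.back() == ' ' || s.back() == '\0')) {
        s.pop_back();
    }
    return s;
}

// True when the canary after the name field is untouched.
bool guardIntact(const ModelData& m) {
    return m.guard == kGuardValue;
}

int main() {
    ModelData m{};
    m.guard = kGuardValue;
    // Constructed sample names: exactly 10 chars, longer than 10, shorter than 10.
    for (const char* sample : {"Quadcopter", "Slow Stick 2000", "Cub"}) {
        const std::size_t kept = setModelName(m, sample);
        std::cout << '"' << sample << "\" -> \"" << getModelName(m)
                  << "\" (kept " << kept << ", guard "
                  << (guardIntact(m) ? "ok" : "CLOBBERED") << ")\n";
    }
    return 0;
}
```

The guard member is only there to make an overrun observable in a test; in the real record the byte after the name belongs to the next field, which is exactly why the overflow corrupted data silently until FORTIFY_SOURCE started aborting on it.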
ccpetersen
Posts: 42
Joined: Tue Dec 27, 2011 7:54 pm
Country: -

Re: eepe "buffer overflow" crash (more info)

Post by ccpetersen »

Thanks guys, works fine.

C
Romolo
9x Developer
Posts: 1109
Joined: Sat Dec 31, 2011 12:11 am
Country: -
Location: Massa (MS), Tuscany, Italy

Re: eepe "buffer overflow" crash (more info)

Post by Romolo »

Mike,
if you use valgrind on old eepe executable before patching you will get:

==10501== Invalid read of size 1
==10501==    at 0x4C2A1F7: __GI_strcpy (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==10501==    by 0x42F67D: ModelEdit::on_modelNameLE_editingFinished() (in /root/production/eepe/trunk/src/eepe)
==10501==    by 0x4C010E: ModelEdit::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (in /root/production/eepe/trunk/src/eepe)
==10501==    by 0x4C01DA: ModelEdit::qt_metacall(QMetaObject::Call, int, void**) (in /root/production/eepe/trunk/src/eepe)
==10501==    by 0x622D538: QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (qobject.cpp:3566)
==10501==    by 0x566DF3D: QLineEdit::focusOutEvent(QFocusEvent*) (in /usr/lib64/libQtGui.so.4.8.0)
==10501==    by 0x52A214C: QWidget::event(QEvent*) (in /usr/lib64/libQtGui.so.4.8.0)
==10501==    by 0x566C3E6: QLineEdit::event(QEvent*) (in /usr/lib64/libQtGui.so.4.8.0)
==10501==    by 0x5251D83: QApplicationPrivate::notify_helper(QObject*, QEvent*) (in /usr/lib64/libQtGui.so.4.8.0)
==10501==    by 0x5256C02: QApplication::notify(QObject*, QEvent*) (in /usr/lib64/libQtGui.so.4.8.0)
==10501==    by 0x621948B: QCoreApplication::notifyInternal(QObject*, QEvent*) (qcoreapplication.cpp:876)
==10501==    by 0x525084D: QApplicationPrivate::setFocusWidget(QWidget*, Qt::FocusReason) (in /usr/lib64/libQtGui.so.4.8.0)
==10501==  Address 0x14b93628 is 24 bytes inside a block of size 42 free'd
==10501==    at 0x4C2892E: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==10501==    by 0x42F6C9: ModelEdit::on_modelNameLE_editingFinished() (in /root/production/eepe/trunk/src/eepe)
==10501==    by 0x4C010E: ModelEdit::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (in /root/production/eepe/trunk/src/eepe)
==10501==    by 0x4C01DA: ModelEdit::qt_metacall(QMetaObject::Call, int, void**) (in /root/production/eepe/trunk/src/eepe)
==10501==    by 0x622D538: QMetaObject::activate(QObject*, QMetaObject const*, int, void**) (qobject.cpp:3566)
==10501==    by 0x566DF3D: QLineEdit::focusOutEvent(QFocusEvent*) (in /usr/lib64/libQtGui.so.4.8.0)
==10501==    by 0x52A214C: QWidget::event(QEvent*) (in /usr/lib64/libQtGui.so.4.8.0)
==10501==    by 0x566C3E6: QLineEdit::event(QEvent*) (in /usr/lib64/libQtGui.so.4.8.0)
==10501==    by 0x5251D83: QApplicationPrivate::notify_helper(QObject*, QEvent*) (in /usr/lib64/libQtGui.so.4.8.0)
==10501==    by 0x5256C02: QApplication::notify(QObject*, QEvent*) (in /usr/lib64/libQtGui.so.4.8.0)
==10501==    by 0x621948B: QCoreApplication::notifyInternal(QObject*, QEvent*) (qcoreapplication.cpp:876)
==10501==    by 0x525084D: QApplicationPrivate::setFocusWidget(QWidget*, Qt::FocusReason) (in /usr/lib64/libQtGui.so.4.8.0)

That "Invalid read of size 1" confirms the memory overflow that was causing the issue. My question is why it was working before; it was wrong since the beginning, unless the old strcpy was doing some check on dest (but that's not foreseen in the strcpy specs).

Really you should think about a linux virtual machine for eepe developing.

ccpetersen
Posts: 42
Joined: Tue Dec 27, 2011 7:54 pm
Country: -

Re: eepe "buffer overflow" crash (more info)

Post by ccpetersen »

One more problem seems to be left.

Exiting eepe after having made changes causes eepe to pause 4 or 5 seconds. The following is displayed just before the exit:

QClipboard: Unable to receive an event from the clipboard manager in a reasonable time
