Re: Bug report on jocaml-base: jocamlrun crashes with exit status 139
Hi Stéphane,
Thanks for taking the time to look at the report.
> I am sorry, but it is not a bug if jocamlrun segfaults when you feed it
> garbage!
I believe programs should report an error instead of crashing when
they receive garbage. When this is not done, segfaults can potentially
be used by hackers to gain control.
> And by the way, ocamlrun (from ocaml-base-nox) suffers from the same
> issue. Just replace "jocamlrun" by "ocamlrun" in crash.sh and you'll get
> the same behaviour. Do you know why it has not been spotted by Mayhem?
We do not claim that Mayhem will find all bugs in a program. It might
have missed it. I do however remember seeing an integer overflow in
ocamlrun that was not reported yet. I can look in more details if you
want, but you might not consider that a bug either.
> You should add a "NOT A BUG" choice in the "Update status"; none of the
> proposed choices seems to fit.
We have a "do not report" option. Even though I think it should be
reported, we won't report any bugs against maintainers wishes.
> You already disclosed it publicly ;-) Indeed,
> debian-ocaml-maint@lists.debian.org is a public mailing-list.
Yeah, I realized that public mailing list are often listed as
maintainers a bit too late.
> I am curious to see the crash you have found in Coq, though.
The report was not sent yet, as we have some issues with special
characters in maintainers name. We're hoping to fix that soon and you
should get the report by email.
Thanks
Alexandre
Reply to: