Package: apt Version: 0.9.7.5 Severity: important Tags: patch User: [email protected] Usertags: origin-ubuntu ubuntu-patch quantal
pkgCacheGenerator::ListParser::NewProvides doesn't follow the usual pattern when writing a new string to the cache of assigning first to a temporary variable and then to the cache iterator. This means that if a cache remap occurs during the expression "Prv->ProvidesVersion = WriteString(Version)", it will change Prv, but the assignment may attempt to write to the pre-remap location depending on order of evaluation. This caused https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1066445. Patch follows. === modified file 'apt-pkg/pkgcachegen.cc' --- apt-pkg/pkgcachegen.cc 2012-09-19 09:39:20 +0000 +++ apt-pkg/pkgcachegen.cc 2012-10-14 22:47:19 +0000 @@ -973,8 +973,12 @@ bool pkgCacheGenerator::ListParser::NewP Prv->Version = Ver.Index(); Prv->NextPkgProv = Ver->ProvidesList; Ver->ProvidesList = Prv.Index(); - if (Version.empty() == false && unlikely((Prv->ProvideVersion = WriteString(Version)) == 0)) - return false; + if (Version.empty() == false) { + map_ptrloc const idxProvideVersion = WriteString(Version); + Prv->ProvideVersion = idxProvideVersion; + if (unlikely(idxProvideVersion == 0)) + return false; + } // Locate the target package pkgCache::PkgIterator Pkg; === modified file 'debian/changelog' --- debian/changelog 2012-10-12 12:44:09 +0000 +++ debian/changelog 2012-10-14 22:50:15 +0000 @@ -18,6 +18,11 @@ apt (0.9.7.6) UNRELEASED; urgency=low * increase the maximum netrc login/password size and show proper error message on overflow + [ Colin Watson ] + * apt-pkg/pkgcachegen.cc: + - Fix crash if the cache is remapped while writing a Provides version + (LP: #1066445). + -- David Kalnischkies <[email protected]> Wed, 19 Sep 2012 11:29:56 +0200 apt (0.9.7.5) unstable; urgency=low Thanks, -- Colin Watson [[email protected]] -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
