Package: dpkg
Version: 1.17.14
Severity: normal
Tags: patch
Hi,
Running tests from Valgrind revealed an off-by-one error in Dpkg. The
first attached patch fixes it and the second just simplifies a
function I looked at while making the first fix.
Please consider accepting the first patch because I'm bootstrapping an
new port, hardened-amd64, which will enable ASAN by default and would
make dpkg crash due to this bug.
Cheers,
Balint
From 3d42c9bba7eb65ac5ff70a0a73919368caced533 Mon Sep 17 00:00:00 2001
From: Balint Reczey bal...@balintreczey.hu
Date: Thu, 4 Sep 2014 16:31:29 +0200
Subject: [PATCH 1/2] Fix off-by-one error in command argv size calculation
---
lib/dpkg/command.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/dpkg/command.c b/lib/dpkg/command.c
index 0044d83..f5b08ea 100644
--- a/lib/dpkg/command.c
+++ b/lib/dpkg/command.c
@@ -78,7 +78,7 @@ static void
command_grow_argv(struct command *cmd, int need)
{
/* Check if we already have enough room. */
- if ((cmd-argv_size - cmd-argc) = need)
+ if ((cmd-argv_size - (cmd-argc + 1)) = need)
return;
cmd-argv_size = (cmd-argv_size + need) * 2;
--
2.1.0
From 9f696c9db21ed8972115074edb7830518110e842 Mon Sep 17 00:00:00 2001
From: Balint Reczey bal...@balintreczey.hu
Date: Thu, 4 Sep 2014 20:30:31 +0200
Subject: [PATCH 2/2] Simplify command_add_argv()
---
lib/dpkg/command.c | 19 ++-
1 file changed, 6 insertions(+), 13 deletions(-)
diff --git a/lib/dpkg/command.c b/lib/dpkg/command.c
index f5b08ea..ff2cf37 100644
--- a/lib/dpkg/command.c
+++ b/lib/dpkg/command.c
@@ -131,20 +131,13 @@ command_add_argl(struct command *cmd, const char **argv)
void
command_add_argv(struct command *cmd, va_list args)
{
- va_list args_copy;
- int i, add_argc = 0;
-
- va_copy(args_copy, args);
- while (va_arg(args_copy, const char *) != NULL)
- add_argc++;
- va_end(args_copy);
-
- command_grow_argv(cmd, add_argc);
-
- for (i = 0; i add_argc; i++)
- cmd-argv[cmd-argc++] = va_arg(args, const char *);
+ const char * arg;
- cmd-argv[cmd-argc] = NULL;
+ arg = va_arg(args, const char *);
+ while (arg != NULL) {
+ command_add_arg(cmd, arg);
+ arg = va_arg(args, const char *);
+ }
}
/**
--
2.1.0