Ticket #703 (closed defect: fixed)
Opened 2 years ago
Last modified 2 years ago
[cpio] Segmentation fault using option -d
| Reported by: | bartolomiew | Owned by: | scottmc |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | app-arch/cpio | Version: | |
| Severity: | blocker | Keywords: | |
| Cc: | | | |
Description
cpio is a tool required to build openjdk.
When compiling, cpio uses the following options: pdum
Using the option 'd' causes a segmentation fault.
I propose the following patch:
diff -Naur cpio-2.10/configure.ac cpio-2.10-haiku/configure.ac
--- cpio-2.10/configure.ac 2009-06-20 10:28:11.003932160 +0200
+++ cpio-2.10-haiku/configure.ac 2013-03-12 07:18:46.710934528 +0100
@@ -44,6 +44,8 @@
AC_HEADER_STDC
AC_HEADER_DIRENT
+AC_SEARCH_LIBS(gethostbyname, [socket, network])
+
AC_CHECK_FUNCS([fchmod fchown])
# This is needed for mingw build
AC_CHECK_FUNCS([setmode getpwuid getpwnam getgrgid getgrnam pipe fork getuid geteuid])
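Review bot: The library list in the added AC_SEARCH_LIBS(gethostbyname, [socket, network]) line is comma-separated, but AC_SEARCH_LIBS takes a whitespace-separated list, so the first candidate is tried as "socket," and only "network" is a usable entry; write [socket network] instead. This hunk is also unrelated to the -d segmentation fault the ticket reports and would be easier to review as its own change, with a line in the description saying why gethostbyname needs an extra library here.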
diff -Naur cpio-2.10/gnu/hash.c cpio-2.10-haiku/gnu/hash.c
--- cpio-2.10/gnu/hash.c 2009-06-19 11:11:54.017039360 +0200
+++ cpio-2.10-haiku/gnu/hash.c 2013-03-12 07:18:46.715653120 +0100
@@ -491,6 +491,7 @@
check_tuning (Hash_table *table)
{
const Hash_tuning *tuning = table->tuning;
+ float epsilon = 0.1f;
if (tuning == &default_tuning)
return true;
@@ -499,7 +500,6 @@
fail to grow or shrink as they should. The smallest allocation
is 11 (due to next_prime's algorithm), so an epsilon of 0.1
should be good enough. */
- float epsilon = 0.1f;
if (epsilon < tuning->growth_threshold
&& tuning->growth_threshold < 1 - epsilon
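Review bot: Moving "float epsilon = 0.1f;" to the top of check_tuning leaves the comment ending "an epsilon of 0.1 should be good enough. */" directly above the if, with nothing left for it to explain. Either move the comment up together with the declaration, or declare "float epsilon;" at the top and keep "epsilon = 0.1f;" as an assignment where the removed line was. The description should also say why gnu/hash.c is touched at all, since nothing in these two hunks relates to the -d crash.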
diff -Naur cpio-2.10/src/makepath.c cpio-2.10-haiku/src/makepath.c
--- cpio-2.10/src/makepath.c 2009-02-14 19:15:50.035651584 +0100
+++ cpio-2.10-haiku/src/makepath.c 2013-03-12 07:24:12.562561024 +0100
@@ -56,6 +56,7 @@
char *dirpath; /* A copy we can scribble NULs on. */
struct stat stats;
int retval = 0;
+ char *slash;
mode_t tmpmode;
mode_t invert_permissions;
int we_are_root = getuid () == 0;
@@ -68,7 +69,7 @@
tmpmode = MODE_RWX & ~ newdir_umask;
invert_permissions = we_are_root ? 0 : MODE_WXUSR & ~ tmpmode;
- char *slash = dirpath;
+ slash = dirpath;
while (*slash == '/')
slash++;
while ((slash = strchr (slash, '/')))
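Review bot: "slash = dirpath;" assigns at the same point, after the same preceding statements, as the removed "char *slash = dirpath;", so the value dereferenced by "while (*slash == '/')" is not changed by this hunk; only the declaration has moved to the top of the block. If the purpose is to build with a compiler that rejects declarations after statements, the description should say so. If it is meant to fix the segmentation fault, it should name the earlier version of makepath.c it corrects, because that state is not visible in this diff against cpio-2.10.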
Change History
comment:1 Changed 2 years ago by scottmc
comment:2 follow-up: ↓ 3 Changed 2 years ago by bartolomiew
Short answer: yes
Long one:
line 56 char *dirpath; declaration, var pointer is null
line 59 char *slash = dirpath; slash pointer is null also
line 65 strcpy(dirpath, argpath); dirpath pointer is not null anymore, but slash is null
so this line: while(*slash == '/') crashes
comment:3 in reply to: ↑ 2 Changed 2 years ago by bonefish
Replying to bartolomiew:

> Short answer: yes
> Long one:
> line 56 char *dirpath; declaration, var pointer is null

Variables of primitive types aren't initialized implicitly. The variable value is undefined.

> line 59 char *slash = dirpath; slash pointer is null also

That isn't the line in the patch. The variable value would be undefined in neither case.

> line 65 strcpy(dirpath, argpath); dirpath pointer is not null anymore, but slash is null
> so this line: while(*slash == '/') crashes

I don't have the source file at hand, so I can't comment on why the program crashes. However, the patch only makes the scope of the variables larger without changing their initialization. That is, if the code compiled before, it will behave just the same.
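The ordering issue argued over in comments 2 and 3, as an added example that is not code from this ticket or from cpio: a pointer declared without an initializer holds an indeterminate value (not NULL), so the cursor may only be derived from dirpath after dirpath has been assigned. The function name walk_prefixes, the deepest buffer, the use of malloc and the loop body are assumptions made for illustration; only the three loop-header lines mirror the patch context.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

static char deepest[256];        /* last parent prefix visited */

/* Visit every parent-directory prefix of argpath; return how many there
   are, or -1 if the working copy cannot be allocated. */
int walk_prefixes(const char *argpath)
{
    char *dirpath;               /* no initializer: value is indeterminate */
    char *slash;                 /* declared at block start, assigned later */
    int count = 0;

    /* "slash = dirpath;" at this point would copy an indeterminate value,
       and the later "*slash" would dereference it. */
    deepest[0] = '\0';
    dirpath = malloc(strlen(argpath) + 1);
    if (dirpath == NULL)
        return -1;
    strcpy(dirpath, argpath);    /* a copy we can scribble NULs on */

    slash = dirpath;             /* safe: dirpath now points at the copy */
    while (*slash == '/')
        slash++;
    while ((slash = strchr(slash, '/'))) {
        *slash = '\0';           /* cut the copy at this component */
        snprintf(deepest, sizeof deepest, "%s", dirpath);
        count++;
        *slash++ = '/';          /* restore, then step past the slash */
        while (*slash == '/')    /* treat "a//b" like "a/b" */
            slash++;
    }
    free(dirpath);
    return count;
}

int main(void)
{
    /* Constructed sample path. */
    printf("%d %s\n", walk_prefixes("/usr/local/lib/file"), deepest);
    return 0;
}
```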
comment:4 follow-up: ↓ 5 Changed 2 years ago by bartolomiew
Please look closely at the code, the error is obvious.
The patch is functional.
comment:5 in reply to: ↑ 4 Changed 2 years ago by bonefish
Replying to bartolomiew:

> Please look closely at the code, the error is obvious.

OK, I see, you're referring to the old patch. That looks broken indeed.
comment:6 Changed 2 years ago by scottmc
- Resolution set to fixed
- Status changed from new to closed
Fixed in r2305

How is this patch different from the previous patch for cpio? Did dirpath change between lines 59 and 71?