PATCH: (cvs-1.12.1) cvs -t import segfaults due to NULL ptr check missin

bug-cvs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

PATCH: (cvs-1.12.1) cvs -t import segfaults due to NULL ptr check missin

From:	sampo
Subject:	PATCH: (cvs-1.12.1) cvs -t import segfaults due to NULL ptr check missing
Date:	Thu, 26 Jun 2003 18:55:09 +0000

Version: cvs-1.12.1, possibly others
Workaround: do not use -t flag
Platform: not relevant, but at least Solaris 2.6 and Linux 2.4.70/glib-2.2.2

using gcc-2.95.3 reproduce the problem

Problem is that in checkout.c, line 434 variable where can be NULL and it
is supplied to printf format without appropriate check. Problem only

occurs in trace code. The production code has appropriate NULL check.Following gdb session evidences the bug:

(gdb) run -t import -m 'Created' suuri vendor_branch_tag start_rev_tag

Starting program: /usr/src/cvs-1.12.1/src/cvs -t import -m 'Created' suurivendor_branch_tag start_rev_tag

-> parse_cvsroot ( /apps/repos )
-> main loop with CVSROOT=/apps/repos
-> Parse_Info (/apps/repos/CVSROOT/verifymsg, suuri, not ALL)
-> safe_location ( where=
Program received signal SIGSEGV, Segmentation fault.
0xef624734 in strlen ()
(gdb) bt
#0  0xef624734 in strlen ()
#1  0xef65a62c in _doprnt ()
#2  0xef6638a8 in vfprintf ()
#3  0x5dd4c in cvs_trace (level=730872,
  fmt=0x84d30 "safe_location ( where=%s )") at subr.c:944
#4  0x1ff0c in safe_location (where=0x0) at checkout.c:434
#5  0x37564 in import (argc=3, argv=0xeffffbe0) at import.c:288
#6  0x405e4 in main (argc=6, argv=0xeffffbd4) at main.c:1021
(gdb) up
(gdb) up
(gdb) up
#4  0x1ff0c in safe_location (where=0x0) at checkout.c:434
434         TRACE ( TRACE_FUNCTION, "safe_location ( where=%s )", where );
(gdb) p where

$1 = 0x0Following patch fixes the bug:

sampo:/usr/src/cvs-1.12.1/src 0$ diff -u checkout.c-old-broken checkout.c
--- checkout.c-old-broken       Mon May 19 18:57:50 2003
+++ checkout.c  Thu Jun 26 19:44:23 2003
@@ -431,7 +431,7 @@
   size_t hardpath_len;

int retval;

-    TRACE ( TRACE_FUNCTION, "safe_location ( where=%s )", where );

+ TRACE ( TRACE_FUNCTION, "safe_location ( where=%s )", where?where:"?");

#ifdef CLIENT_SUPPORT

/* Don't compare remote CVSROOTs to our destination directory. */

---

Cheers,
--Sampo
................................................................
: Sampo Kellomaki   -  Chief Architect : -> DirectoryScript <- :
: M: +351-918.731.007                  : Customize directories :
: F: +351-214.222.637  www.symlabs.com : LDAP SOAP Liberty SIP :
:..............................................................:

[Prev in Thread]

Current Thread

[Next in Thread]

PATCH: (cvs-1.12.1) cvs -t import segfaults due to NULL ptr check missing, sampo <=
- Re: PATCH: (cvs-1.12.1) cvs -t import segfaults due to NULL ptrcheck missing, Derek Robert Price, 2003/06/27

Prev by Date: Re: Socket Exception: Connection aborted by peer
Next by Date: Re: How-to apply the CVS patch.
Previous by thread: Socket Exception: Connection aborted by peer
Next by thread: Re: PATCH: (cvs-1.12.1) cvs -t import segfaults due to NULL ptrcheck missing
Index(es):
- Date
- Thread