Re: Bug report on cdebconf: dpkg-preconfigure crashes with exit status 139
Hi everyone,
On 26/06/13 19:41, Alexandre Rebert wrote:
> Hi,
>
> We found a crash in dpkg-preconfigure contained in the cdebconf package. You are being
> contacted because your are listed as one of the maintainer of cdebconf.
>
> We are planning to submit the bug to the Debian bug tracking system in two
> weeks. We wanted to give you a heads-up, so that you some time to assess the
> seriousness of the bug before it is publicly disclosed.
>
> The bug report that will be submitted to the bug tracker is available at the
> following url:
>
> http://www.forallsecure.com/bug-reports/0b490c9cde588da20fd322f4f05ead920e705eb8/
I just had a look, and the problem was pretty simple to fix. I was
missing a check on $PATH being NULL before calling strdup() on it. I
have a fix which I plan to push tonight along with a couple of other
patches.
One thing I noticed, however, is that, because some of the programs are
only expected to be run as root, they return immediately if getuid()
returns non-zero (e.g. dpkg-reconfigure from cdebconf) and do not
actually get tested beyond this point. Alexandre, I don't know if this
issue showed up already in your experiment.
Regis
Reply to: