Invalid read of size 1



Hello,

I just discovered the marvelous tool valgrind, so I launched it on
  dpkg -l \*
to see the result. Well, it covers the screen with errors of the type
>>>>
==4389== Invalid read of size 1
==4389==    at 0x40041255: (within /usr/lib/valgrind/valgrind.so)
==4389==    by 0x805CC0A: nfstrnsave (/home/mquinson/src/DEBIAN/dpkg-1.9.21/lib/nfmalloc.c:62)
==4389==    by 0x805E0B8: parseversion (/home/mquinson/src/DEBIAN/dpkg-1.9.21/lib/parsehelp.c:217)
==4389==    by 0x8060245: f_dependency (/home/mquinson/src/DEBIAN/dpkg-1.9.21/lib/fields.c:397)
==4389==    Address 0x42CE84BC is 0 bytes after a block of size 8 alloc'd
==4389==    at 0x4004088B: (within /usr/lib/valgrind/valgrind.so)
==4389==    by 0x40040D94: (within /usr/lib/valgrind/valgrind.so)
==4389==    by 0x806020C: f_dependency (/home/mquinson/src/DEBIAN/dpkg-1.9.21/lib/fields.c:392)
==4389==    by 0x805D4ED: parsedb (/home/mquinson/src/DEBIAN/dpkg-1.9.21/lib/parse.c:207)
<<<<
and ends with:
>>>>
==4389== More than 300 different errors detected.  I'm not reporting any more.
==4389== Final error counts will be inaccurate.  Go fix your program!
<<<<


So I dug around, and the patch to solve it is quite simple:
>>>>
--- lib/parsehelp.c~	Thu Jun  7 05:39:14 2001
+++ lib/parsehelp.c	Tue May 28 18:28:18 2002
@@ -214,7 +214,7 @@
   } else {
     rversion->epoch= 0;
   }
-  rversion->version= nfstrnsave(string,end-string+1);
+  rversion->version= nfstrnsave(string,end-string);
   hyphen= strrchr(rversion->version,'-');
   if (hyphen) *hyphen++= 0;
   rversion->revision= hyphen ? hyphen : "";
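Review bot: whether the shortened length is in bounds depends on what `end` points at, and that is not visible in this hunk. nfstrnsave (quoted later in this mail) copies l+1 bytes and then writes the terminator at ret[l], so with `end-string` the copy still reads the byte at `*end` before overwriting it in the copy; that is fine if `end` is the terminating NUL of `string` (or otherwise inside the block), but if `end` could point at the last character of the version text the new length would silently drop it. Please add a comment on the changed line stating what `end` denotes, or, as the rest of the mail suggests, switch the wrapper to obstack_copy0 so only `l` bytes are read from the source. The removed `+1` is what made the copy run past `end`, which matches valgrind's "0 bytes after a block of size 8".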
<<<<
The story is that this function nfstrnsave is in fact a wrapper around obstack,
and that this wrapper already takes care of the \0 at the end of the string.

For example, another use of this function in the code is in parse.c:
        arp->name= nfstrnsave(fieldstart,fieldlen);
where fieldlen is initialized with strlen.




By the way, the wrapper around obstack is like that:
>>>>
char *nfstrsave(const char *string) {
  OBSTACK_INIT;
  return obstack_copy (&db_obs, string, strlen(string) + 1);
}

char *nfstrnsave(const char *string, int l) {
  char *ret;
  OBSTACK_INIT;
  ret = obstack_copy (&db_obs, string, l + 1);
  *(ret + l) = 0;
  return ret;
}
<<<<

It seems to me that nfstrsave doesn't put the terminating \0 on the
string. It may be better to use the obstack_copy0 function. Here is the
documentation of this function:
>>>>
void * obstack_copy0 (struct obstack *obstack-ptr, void *address, int size)

  Like obstack_copy, but appends an extra byte containing a null character.
  This extra byte is not counted in the argument size.

The obstack_copy0 function is convenient for copying a sequence of
characters into an obstack as a null-terminated string. Here is an example
of its use:

char *
obstack_savestring (char *addr, int size)
{
  return obstack_copy0 (&myobstack, addr, size);
}
<<<<  




HTH, Mt.

PS: do you prefer me to submit such things as a bug, for archiving, or do you
    prefer such short mails about small issues?
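The off-by-one above is easy to reproduce without valgrind. The following is an added example, not dpkg's code: obstack_copy is replaced by a malloc-backed stand-in that records how many source bytes it consumed, nfstrnsave's contract (copy l+1 bytes, then terminate at index l) is reproduced as nfstrnsave_like, and an obstack_copy0-style variant is shown beside it. The sample version field "0.9.9-1" in an 8-byte block is constructed here to match the "block of size 8" in the valgrind trace; the block is padded so the deliberate over-read reads zero bytes rather than unowned memory.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in for obstack_copy: copies `size` bytes into a fresh heap block and
 * records how many source bytes were read, so the over-read can be measured. */
static size_t src_bytes_read;

static char *obstack_copy_like(const char *src, size_t size)
{
    char *dst = malloc(size);
    if (dst == NULL)
        abort();
    memcpy(dst, src, size);
    src_bytes_read = size;
    return dst;
}

/* Same contract as dpkg's nfstrnsave: copy l+1 bytes, then terminate at l. */
static char *nfstrnsave_like(const char *string, int l)
{
    char *ret = obstack_copy_like(string, (size_t)l + 1);
    ret[l] = 0;
    return ret;
}

/* obstack_copy0-style alternative: copy exactly l bytes and append the NUL,
 * so the byte at string[l] is never read at all. */
static char *nfstrnsave_copy0_like(const char *string, int l)
{
    char *ret = malloc((size_t)l + 1);
    if (ret == NULL)
        abort();
    memcpy(ret, string, (size_t)l);
    ret[l] = 0;
    src_bytes_read = (size_t)l;
    return ret;
}

/* Constructed sample: a version field in an 8-byte block (7 chars + NUL).
 * The array is padded so the over-read in CALL_OLD lands on zero bytes. */
enum { BLOCK_SIZE = 8 };
static const char sample_block[BLOCK_SIZE + 8] = "0.9.9-1";

enum { CALL_OLD, CALL_FIXED, CALL_COPY0 };

/* Saves the version text the way parseversion does, with the length argument
 * chosen per `variant`.  *over receives the number of bytes read past the
 * 8-byte block (0 = in bounds).  Caller frees the returned string. */
char *save_version(int variant, size_t *over)
{
    const char *string = sample_block;
    const char *end = string + strlen(string);   /* points at the NUL */
    char *ret;

    switch (variant) {
    case CALL_OLD:   /* end-string+1: copies l+1 = 9 bytes from an 8-byte block */
        ret = nfstrnsave_like(string, (int)(end - string) + 1);
        break;
    case CALL_FIXED: /* end-string: copies 8 bytes, the NUL included, then re-terminates */
        ret = nfstrnsave_like(string, (int)(end - string));
        break;
    default:         /* copy0 style: reads only the 7 text bytes */
        ret = nfstrnsave_copy0_like(string, (int)(end - string));
        break;
    }
    *over = src_bytes_read > BLOCK_SIZE ? src_bytes_read - BLOCK_SIZE : 0;
    return ret;
}

int main(void)
{
    static const char *names[] = {
        "end-string+1 (old)", "end-string (patched)", "obstack_copy0 style"
    };
    for (int v = CALL_OLD; v <= CALL_COPY0; v++) {
        size_t over;
        char *s = save_version(v, &over);
        printf("%-22s saved \"%s\", read %zu byte(s) past the block\n",
               names[v], s, over);
        free(s);
    }
    return 0;
}
```

All three variants produce the same saved string; only the old call reads a byte beyond the block, which is exactly what valgrind flagged as "Invalid read of size 1" even though the result looked correct.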

