Bug#369255: libc6: inconsistent argp_parse environment variables can cause crashes
Package: libc6
Version: 2.3.6-7
Severity: normal
$ ARGP_HELP_FMT=rmargin=29 tar --h |wc -l; echo $PIPESTATUS
1031
139
$ dpkg-query -W tar
tar 1.15.1dfsg-3
My argp manpage (a work-in-progress) reads:
opt-doc-col=n
The column in which options' documentation is printed is set to
.IR n; default: 29.
Presumably, inconsistent options should generate a diagnostic message,
and the manually-set inconsistent parts should be either ignored, or
clipped to the nearest inconsistent value. Strangely, this is what
happened when I tried an SGID program which uses argp:
ARGP_HELP_FMT=rmargin=29 /usr/bin/dotlock.mailutils --h
dotlock.mailutils: ARGP_HELP_FMT: rmargin value is less then or equal to opt-doc-col
So it seems that a better argp parameter range checking is compiled
into mailutils:
Breakpoint 2, 0xb7f94496 in argp_parse () from /usr/lib/libmailutils.so.1
$ dpkg-query -W mailutils
mailutils 1:0.6.93-3
I don't see any reason for mailutils to be compiled with
--with-included-argp, either (or for autofoo to fail to recognize that
libc includes argp, if that's the cause).
Reply to: