[PATCH] Fix for recoverdm crash bug
Hello Folkert,
The package recoverdm in Debian has a bug [1]:
"recoverdm: mergebad crashes with exit status 139".
I've prepared a quick-fix patch for the problem, see attachment (also [2]).
Note, that Debian has also two more tiny patches [3] for recoverdm.
Please apply the fixes!
I'm sending this request by email, since recoverdm do not have a bugtracker. It would be great to place recoverdm on github, since users like it for precise and low-level operations on hardware ;)
Best wishes,
Aleksey
Description: fix for crash of mergebad binary.
The mergebad utility crashes when supplied a single '-s' argument.
The patch adds checking the number of supplied arguments.
Author: Aleksey Kravchenko <rhash.admin@gmail.com>
Bug-Debian: http://bugs.debian.org/716182
Last-Update: 2019-01-15
diff --git a/mergebad.c b/mergebad.c
index 34a6ef7..9b1983c 100644
--- a/mergebad.c
+++ b/mergebad.c
@@ -250,6 +250,8 @@ void usage(void)
fprintf(stderr, "-h This help.\n");
}
+#define check_args_num(required_args_num) (!(arg_num_error = (loop + (required_args_num) >= argc)))
+
int main(int argc, char *argv[])
{
image *imgs = NULL;
@@ -259,12 +261,13 @@ int main(int argc, char *argv[])
off64_t offset = 0, length = 0;
char *map_file = NULL;
FILE *fh_map_file = NULL;
+ int arg_num_error = 0;
version();
for(loop=1; loop<argc; loop++)
{
- if (strcmp(argv[loop], "-i") == 0)
+ if (strcmp(argv[loop], "-i") == 0 && check_args_num(2))
{
imgs = myrealloc(imgs, sizeof(image) * (n_imgs + 1), "image structure");
@@ -291,7 +294,7 @@ int main(int argc, char *argv[])
n_imgs++;
}
- else if (strcmp(argv[loop], "-o") == 0)
+ else if (strcmp(argv[loop], "-o") == 0 && check_args_num(1))
{
fd_out = open64(argv[++loop], O_WRONLY | O_CREAT | O_EXCL | O_SYNC, S_IRUSR | S_IWUSR);
if (fd_out == -1)
@@ -306,11 +309,11 @@ int main(int argc, char *argv[])
if (verbose)
printf("Writing output to: %s\n", argv[loop]);
}
- else if (strcmp(argv[loop], "-l") == 0)
+ else if (strcmp(argv[loop], "-l") == 0 && check_args_num(1))
{
map_file = argv[++loop];
}
- else if (strcmp(argv[loop], "-s") == 0)
+ else if (strcmp(argv[loop], "-s") == 0 && check_args_num(1))
{
length = atoll(argv[++loop]);
@@ -328,7 +331,10 @@ int main(int argc, char *argv[])
}
else
{
- fprintf(stderr, "Parameter '%s' is not recognized!\n", argv[loop]);
+ if (arg_num_error)
+ fprintf(stderr, "Not enough arguments for parameter '%s'!\n", argv[loop]);
+ else
+ fprintf(stderr, "Parameter '%s' is not recognized!\n", argv[loop]);
return 9;
}
}
Reply to: