Bug#192225: string::string(const char *) called with non-null-terminated string
Package: apt
Version: 0.5.4 (and current CVS)
Severity: normal
Tags: patch
Hello,
There's a bug in ReadMessages() in apt-pkg/contrib/strutl.cc where the
string::string(const char *) constructor gets called with a
non-null-terminated string.
There are three kinds of relevant (to this code) string constructors:
1. string::string(const char *, size_type n)
2. string::string(const string&, size_type pos, size_type n)
3. string::string(const char *)
The first one is obviously the intended one here, but because of the
second parameter the second one gets called. First, of course, a
temporary string object is created using the the third kind of
constructor, which assumes the parameter is a null-terminated string.
Here however it isn't.
Attached is a patch against the current CVS (1.47).
Sami
Index: apt-pkg/contrib/strutl.cc
===================================================================
RCS file: /cvs/deity/apt/apt-pkg/contrib/strutl.cc,v
retrieving revision 1.47
diff -u -r1.47 strutl.cc
--- apt-pkg/contrib/strutl.cc 2 Feb 2003 22:20:27 -0000 1.47
+++ apt-pkg/contrib/strutl.cc 6 May 2003 23:57:51 -0000
@@ -652,7 +652,7 @@
continue;
// Pull the message out
- string Message(Buffer,0,I-Buffer);
+ string Message(Buffer,I-Buffer);
// Fix up the buffer
for (; I < End && *I == '\n'; I++);
Reply to: