
Bug#203741: apt sigcheck patches



On Thu, Aug 21, 2003 at 09:01:29PM -0400, Matt Zimmerman wrote:
> On a system running apt CVS + this patch, I get a number of reproducible
> segfaults.  For example, after "apt-get source" and "apt-get install".
> 
> #0  0x401ff136 in mallopt () from /lib/libc.so.6
> #1  0x401ff050 in mallopt () from /lib/libc.so.6
> #2  0x401fde67 in free () from /lib/libc.so.6
> #3  0x4013e261 in operator delete(void*) () from /usr/lib/libstdc++.so.5
> #4  0x4013e2bc in operator delete[](void*) () from /usr/lib/libstdc++.so.5
> #5  0x4004e09b in ~pkgTagFile (this=0x80aeb70) at tagfile.cc:58
> #6  0x40083bec in ~debRecordParser (this=0x8092770) at basic_string.h:217
> #7  0x40055589 in ~pkgRecords (this=0xbffff340) at pkgrecords.cc:55
> #8  0x08058c6b in DoSource(CommandLine&) (CmdL=@0x41181940) at apt-get.cc:747
> #9  0x4003cea4 in CommandLine::DispatchArg(CommandLine::Dispatch*, bool) (
>     this=0xbffff480, Map=0xbffff490, NoMatch=true) at contrib/cmndline.cc:340
> #10 0x0805bb27 in main (argc=3, argv=0xbffff7d4) at apt-get.cc:2423
> 
> It doesn't crash in any new code, but another apt built with the same
> compiler, without the sigcheck patch, doesn't have this problem.  Maybe
> there is some heap corruption happening somewhere?

I found this bug; it was here (srcrecords.cc):

/* Open all the source index files */
pkgSrcRecords::pkgSrcRecords(pkgSourceList &List) : Files(0), Current(0)
{
   /* Sized from the number of source list entries, not from the number
      of index files those entries contain. */
   Files = new Parser *[List.end() - List.begin() + 1];
   memset(Files,0,sizeof(*Files)*(List.end() - List.begin() + 1));
   
   unsigned int Count = 0;
   pkgSourceList::const_iterator I = List.begin();
   for (; I != List.end(); I++)
   {
      vector<pkgIndexFile *> *Indexes = (*I)->GetIndexFiles();
      for (vector<pkgIndexFile *>::const_iterator J = Indexes->begin();
           J != Indexes->end(); J++)
      {
         /* One slot per parser: this write runs past the end of Files once
            the total number of parsers exceeds the number of list entries. */
         Files[Count] = (*J)->CreateSrcParser();
         if (_error->PendingError() == true)
            return;
         if (Files[Count] != 0)
            Count++;
      }
   }
   Files[Count] = 0;
}

Notice that Files is initialized to be the same size as List, but for each
element in List there can be multiple elements inserted into Files.  I
changed it to be a vector.

-- 
 - mdz
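The mis-sized allocation described in the message above, modelled as an added example in C++ (this is not apt's code and not the fix that went into apt): a stand-in source list where one entry carries several index files, functions that compute how many pointer slots the original `new Parser *[entries + 1]` provides versus how many the loop actually writes, and the vector-based collection that removes the fixed-size array. The types `IndexFile`, `SourceEntry`, `Parser`, the helper names and the sample list are assumptions made for the example.

```cpp
#include <cstddef>
#include <iostream>
#include <string>
#include <vector>

// Added example, not apt code. Stand-in for pkgIndexFile: a source entry can
// carry several of these (one per component, say), and only some of them
// yield a source parser.
struct IndexFile {
    std::string name;
    bool hasSources;   // true if CreateSrcParser() would return a parser
};

// Stand-in for one pkgSourceList element (one sources.list line).
struct SourceEntry {
    std::string uri;
    std::vector<IndexFile> indexes;
};

// Stand-in for the object CreateSrcParser() hands back.
struct Parser {
    std::string index;
};

// Slots the original constructor allocates: one per source entry plus a
// terminating null, i.e. new Parser *[List.end() - List.begin() + 1].
std::size_t allocatedSlots(const std::vector<SourceEntry>& list) {
    return list.size() + 1;
}

// Highest slot the original loop touches: Count advances once per non-null
// parser, and Files[Count] = 0 is written after the loop, so the array
// needs (non-null parsers + 1) slots.
std::size_t requiredSlots(const std::vector<SourceEntry>& list) {
    std::size_t parsers = 0;
    for (const auto& entry : list)
        for (const auto& idx : entry.indexes)
            if (idx.hasSources) ++parsers;
    return parsers + 1;
}

// How many pointer-sized slots the original code writes past its array.
// Zero means the fixed-size array happened to be large enough.
std::size_t overflowSlots(const std::vector<SourceEntry>& list) {
    std::size_t have = allocatedSlots(list);
    std::size_t need = requiredSlots(list);
    return need > have ? need - have : 0;
}

// The fixed shape: grow a vector as parsers appear instead of pre-sizing the
// array from a count that is not the count of parsers. No null terminator is
// needed; the container carries its own size.
std::vector<Parser> collectParsers(const std::vector<SourceEntry>& list) {
    std::vector<Parser> files;
    for (const auto& entry : list)
        for (const auto& idx : entry.indexes)
            if (idx.hasSources)
                files.push_back(Parser{idx.name});
    return files;
}

// Constructed sample (an assumption, not a real sources.list): two entries,
// the first with three components that all provide source indexes.
std::vector<SourceEntry> sampleSourceList() {
    return {
        {"http://example.invalid/debian",
         {{"main/source/Sources", true},
          {"contrib/source/Sources", true},
          {"non-free/source/Sources", true}}},
        {"http://example.invalid/debian-security",
         {{"main/source/Sources", true},
          {"main/binary-i386/Packages", false}}},
    };
}

int main() {
    const auto list = sampleSourceList();
    std::cout << "allocated slots: " << allocatedSlots(list) << '\n'
              << "required slots:  " << requiredSlots(list) << '\n'
              << "overflow slots:  " << overflowSlots(list) << '\n'
              << "parsers kept by vector version: "
              << collectParsers(list).size() << '\n';
    return 0;
}
```

With the sample list the original sizing gives three slots while the loop needs five, so two pointers land past the end of the heap block, which is the kind of corruption that later surfaces as a crash inside free(). The vector version never computes a size up front, so there is no count to get wrong.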
