Bug#676331: libapt-pkg4.12: segfault in CommandLine::Parse if Args has null LongOpt

To: submit@bugs.debian.org
Subject: Bug#676331: libapt-pkg4.12: segfault in CommandLine::Parse if Args has null LongOpt
From: Daniel Hartwig <mandyke@gmail.com>
Date: Wed, 6 Jun 2012 16:48:52 +0800
Message-id: <[🔎] CAN3veRf4zW+5_KxWQ5OQ0d=Khgn19-Cxt3Cq+mAV6_vszrgPXQ@mail.gmail.com>
Reply-to: Daniel Hartwig <mandyke@gmail.com>, 676331@bugs.debian.org

Package: libapt-pkg4.12
Version: 0.9.5.1
Severity: minor

apt-pkg/contrib/cmndline.h

>From the definition of CommandLine::Args::end() either ShortOpt or
LongOpt may be NULL.  However, any Args with LongOpt NULL will cause a
segfault in CommandLine::Parse at this point:

      // Match up to a = against the list
      Args *A;
      const char *OptEnd = strchrnul(Opt, '=');
      for (A = ArgList; A->end() == false &&
	   stringcasecmp(Opt,OptEnd,A->LongOpt) != 0; A++);

Checking for A->LongOpt == 0 before stringcasecmp, as in the attached
patch, is sufficient to avoid this.

Attachment: cmndline-null-longopt.patch
Description: Binary data

Attachment: test.cc
Description: Binary data

Reply to:

Follow-Ups:
- Bug#676331: marked as done (libapt-pkg4.12: segfault in CommandLine::Parse if Args has null LongOpt)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#535512: marked as done (Please add support for /etc/apt/preferences.d/)
Next by Date: Re: Request for Review: APT manpages
Previous by thread: Bug#535512: marked as done (Please add support for /etc/apt/preferences.d/)
Next by thread: Bug#676331: marked as done (libapt-pkg4.12: segfault in CommandLine::Parse if Args has null LongOpt)
Index(es):
- Date
- Thread