Bug#711045: libapt-pkg4.12: double free or corruption with libbz2
On Tue, Jun 04, 2013 at 10:55:02AM +0200, Gregoire Menuel wrote:
> Package: libapt-pkg4.12
> Version: 0.9.7.8
> Severity: normal
> Tags: patch
Thanks for your bug report and your patch.
> Dear Maintainer,
>
> In some cases apt will crash yielding a double free or corruption error, I've
> encountered the bug with apt-cdrom add for example.
>
> The attached patch seems to fix that bug.
I can reproduce this in a small test program. Patch is applied and
will be part of the next upload.
Thanks!
Michael
> Regards,
>
> Grégoire Menuel
>
>
>
> -- System Information:
> Debian Release: 7.0
> APT prefers stable-updates
> APT policy: (500, 'stable-updates'), (500, 'stable')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 3.2.0-4-amd64 (SMP w/8 CPU cores)
> Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
>
> Versions of packages libapt-pkg4.12 depends on:
> ii libbz2-1.0 1.0.6-4
> ii libc6 2.13-38
> ii libgcc1 1:4.7.2-5
> ii libstdc++6 4.7.2-5
> ii multiarch-support 2.13-38
> ii zlib1g 1:1.2.7.dfsg-13
>
> libapt-pkg4.12 recommends no packages.
>
> libapt-pkg4.12 suggests no packages.
>
> -- no debconf information
> Index: apt-pkg/contrib/fileutl.cc
> ===================================================================
> --- apt-pkg/contrib/fileutl.cc (révision 8604)
> +++ apt-pkg/contrib/fileutl.cc (copie de travail)
> @@ -1424,8 +1424,10 @@
> return _error->Error("Reopen is only implemented for read-only files!");
> }
> #ifdef HAVE_BZ2
> - if (d->bz2 != NULL)
> - BZ2_bzclose(d->bz2);
> + if (d->bz2 != NULL) {
> + BZ2_bzclose(d->bz2);
> + d->bz2 = NULL;
> + }
> #endif
> if (iFd != -1)
> close(iFd);
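Review bot: the new `d->bz2 = NULL;` in the HAVE_BZ2 block deserves a one-line comment explaining that without the reset a later close path would call BZ2_bzclose again on the already freed handle, which is the double free reported here. The `close(iFd)` in the context right below has no matching reset visible in this hunk. If iFd is not set to -1 or reassigned immediately afterwards, it leaves the same kind of stale handle. It is also worth confirming that BZ2_bzclose has not already closed that descriptor before `close(iFd)` runs.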