diff --git a/util-linux-2.20-rc1-hexdump-segfault.patch b/util-linux-2.20-rc1-hexdump-segfault.patch new file mode 100644 index 0000000..837ad9f --- /dev/null +++ b/util-linux-2.20-rc1-hexdump-segfault.patch @@ -0,0 +1,65 @@ +From 474b1ae3ca463acec0c625fb7076bcc746671479 Mon Sep 17 00:00:00 2001 +From: Petr Uzel +Date: Wed, 10 Aug 2011 15:23:53 +0200 +Subject: [PATCH] hexdump: fix segfault due to uninitialized memory + +util-linux commit 85bf44b714ab184907eb448eba389218956d6a51 +replaced all calls to emalloc() with xmalloc(), whose semantics +is however different - it does not zero allocated memory. This +made hexdump segfault if MALLOC_PERTURB_ was set. + +Reported-by: Kyrill Detinov +Addresses: https://bugzilla.novell.com/show_bug.cgi?id=710877 + +Signed-off-by: Petr Uzel +--- + text-utils/display.c | 4 ++-- + text-utils/parse.c | 6 +++--- + 2 files changed, 5 insertions(+), 5 deletions(-) + +Index: util-linux-2.20-rc1/text-utils/display.c +=================================================================== +--- util-linux-2.20-rc1.orig/text-utils/display.c ++++ util-linux-2.20-rc1/text-utils/display.c +@@ -233,8 +233,8 @@ get(void) + u_char *tmpp; + + if (!curp) { +- curp = xmalloc(blocksize); +- savp = xmalloc(blocksize); ++ curp = xcalloc(1, blocksize); ++ savp = xcalloc(1, blocksize); + } else { + tmpp = curp; + curp = savp; +Index: util-linux-2.20-rc1/text-utils/parse.c +=================================================================== +--- util-linux-2.20-rc1.orig/text-utils/parse.c ++++ util-linux-2.20-rc1/text-utils/parse.c +@@ -86,7 +86,7 @@ void add(const char *fmt) + const char *savep; + + /* Start new linked list of format units. */ +- tfs = xmalloc(sizeof(FS)); ++ tfs = xcalloc(1, sizeof(FS)); + if (!fshead) + fshead = tfs; + else +@@ -102,7 +102,7 @@ void add(const char *fmt) + break; + + /* Allocate a new format unit and link it in. */ +- tfu = xmalloc(sizeof(FU)); ++ tfu = xcalloc(1, sizeof(FU)); + *nextfu = tfu; + nextfu = &tfu->nextfu; + tfu->reps = 1; +@@ -219,7 +219,7 @@ void rewrite(FS *fs) + * conversion character gets its own. + */ + for (nconv = 0, fmtp = fu->fmt; *fmtp; nextpr = &pr->nextpr) { +- pr = xmalloc(sizeof(PR)); ++ pr = xcalloc(1, sizeof(PR)); + if (!fu->nextpr) + fu->nextpr = pr; + else diff --git a/util-linux.changes b/util-linux.changes index ad61245..2250ada 100644 --- a/util-linux.changes +++ b/util-linux.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Wed Aug 10 13:42:33 UTC 2011 - puzel@novell.com + +- add util-linux-2.20-rc1-hexdump-segfault.patch (bnc#710877) + ------------------------------------------------------------------- Wed Aug 10 12:20:41 UTC 2011 - puzel@novell.com diff --git a/util-linux.spec b/util-linux.spec index 84c7d41..0c74fcd 100644 --- a/util-linux.spec +++ b/util-linux.spec @@ -87,6 +87,8 @@ Patch4: util-linux-wall-build-with-pie.patch Patch5: util-linux-2.20-rc1-agetty-fixes.patch # bnc#710471 Patch6: util-linux-2.20-rc-fix-dmesg.patch +# bnc#710877 +Patch7: util-linux-2.20-rc1-hexdump-segfault.patch ## ## adjtimex ## @@ -191,6 +193,7 @@ Files to develop applications using the libmount library. %patch4 -p1 %patch5 -p1 %patch6 -p1 +%patch7 -p1 # cd adjtimex-*