SHA256
1
0
forked from pool/file
file/file-5.28-compress.patch

42 lines
1.3 KiB
Diff
Raw Normal View History

-- Subject: Crash with file-5.28/libmagic and rpmbuild
| Hi,
|
| interesting crash with libmagic from file-5.28 used by rpmbuild or better
| its librpmbuild.so.3. See attached backtrace. It looks like strlcpy()
| runs on a NULL pointer as source. As well as it is not clrear why an
| ascii file like apefooter_8h__incl.md5 with a MD5 sum without line terminat=
| or
| does cause the libmagic to do an uncompress:
|
| file /home/abuild/rpmbuild/BUILDROOT/taglib-1.11-0.x86_64/usr/share/doc/pa=
| ckages/libtag-devel/html/apefooter_8h__incl.md5
| /home/abuild/rpmbuild/BUILDROOT/taglib-1.11-0.x86_64/usr/share/doc/package=
| s/libtag-devel/html/apefooter_8h__incl.md5: ASCII text, with no line termin=
| ators
|
It has been fixed on HEAD:
Best,
christos
Index: src/compress.c
===================================================================
RCS file: /p/file/cvsroot/file/src/compress.c,v
retrieving revision 1.97
retrieving revision 1.98
diff -u -r1.97 -r1.98
--- src/compress.c 13 May 2016 23:02:28 -0000 1.97
+++ src/compress.c 28 Jun 2016 16:38:26 -0000 1.98
@@ -517,7 +517,7 @@
return OKDATA;
err:
- strlcpy((char *)*newch, z.msg, bytes_max);
+ strlcpy((char *)*newch, z.msg ? z.msg : zError(rc), bytes_max);
*n = strlen((char *)*newch);
return ERRDATA;
}