pkgconf crash when terminating quote is missing #138

Closed
opened 2017-09-19 08:43:28 +00:00 by karen-arutyunov · 2 comments
karen-arutyunov commented 2017-09-19 08:43:28 +00:00 (Migrated from github.com)

pkgconf crashes if the Cflags value is missing its terminating quote. The issue can be reproduced with the following a.pc file:

Name: foo
Version: 1
Description: None.
Cflags: '-I/ABC

[karen@fed pkgconf-1.3.9]$ ./pkgconf a.pc
*** Error in `/home/karen/projects/pkgconf-1.3.9/.libs/lt-pkgconf': double free or corruption (fasttop): 0x00000000012969e0 ***
======= Backtrace: =========
/lib64/libc.so.6(+0x77d75)[0x7f6e94bf9d75]
/lib64/libc.so.6(+0x801ca)[0x7f6e94c021ca]
/lib64/libc.so.6(cfree+0x4c)[0x7f6e94c0572c]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_argv_free+0x27)[0x7f6e94f4b565]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_fragment_parse+0x92)[0x7f6e94f4b52f]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(+0x4cf4)[0x7f6e94f47cf4]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(+0x4db2)[0x7f6e94f47db2]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_pkg_new_from_file+0x3e0)[0x7f6e94f48365]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_pkg_find+0xd1)[0x7f6e94f48cb0]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_pkg_verify_dependency+0x7a)[0x7f6e94f49724]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(+0x6a66)[0x7f6e94f49a66]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_pkg_traverse+0x15a)[0x7f6e94f49ed3]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_pkg_verify_graph+0x33)[0x7f6e94f49837]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(+0x9f0e)[0x7f6e94f4cf0e]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_queue_validate+0x93)[0x7f6e94f4d0b6]
/home/karen/projects/pkgconf-1.3.9/.libs/lt-pkgconf[0x4035b5]
/lib64/libc.so.6(__libc_start_main+0xf0)[0x7f6e94ba2580]
/home/karen/projects/pkgconf-1.3.9/.libs/lt-pkgconf[0x401649]
Aborted (core dumped)
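
The backtrace above shows the abort inside pkgconf_argv_free, reached from pkgconf_fragment_parse. The following is an added example, not pkgconf's code and not part of the original report: a quote-aware splitter with an ownership contract under which a caller's cleanup cannot free the same chunk twice when the closing quote is missing. The names split_args and argv_free are hypothetical.

```c
#include <ctype.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helpers, not libpkgconf source. All tokens share one buffer
 * that starts at argv[0]; accepting NULL makes a repeated cleanup harmless. */
void argv_free(char **argv)
{
    if (argv == NULL) return;
    free(argv[0]);
    free(argv);
}

/* Split src on whitespace, honouring '...' and "..." quoting.
 * Returns 0 on success, -1 on an unterminated quote or allocation failure.
 * Contract: on failure nothing is left for the caller to free and *argv_out
 * is NULL, so the caller's error path cannot release a chunk a second time. */
int split_args(const char *src, int *argc_out, char ***argv_out)
{
    size_t len = strlen(src), cap = len / 2 + 2;   /* tokens + NULL slot */
    char *buf = malloc(len + 1), *dst = buf, *tok = NULL, quote = 0;
    char **argv = calloc(cap, sizeof *argv);
    int argc = 0;
    *argc_out = 0;
    *argv_out = NULL;
    if (buf == NULL || argv == NULL) goto fail;
    for (; *src != '\0'; src++) {
        if (quote != 0) {
            if (*src == quote) quote = 0; else *dst++ = *src;
        } else if (*src == '\'' || *src == '"') {
            quote = *src;
            if (tok == NULL) tok = dst;
        } else if (isspace((unsigned char)*src)) {
            if (tok != NULL) { *dst++ = '\0'; argv[argc++] = tok; tok = NULL; }
        } else {
            if (tok == NULL) tok = dst;
            *dst++ = *src;
        }
    }
    if (quote != 0) goto fail;          /* input such as: '-I/ABC */
    if (tok != NULL) { *dst = '\0'; argv[argc++] = tok; }
    if (argc == 0) free(buf);           /* no token points into buf */
    *argc_out = argc; *argv_out = argv;
    return 0;
fail:
    free(buf);
    free(argv);
    return -1;
}
```

Building a regression test for this input with -fsanitize=address reports a second free at the offending call rather than at glibc's later consistency check.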


A security fix will be included in 1.3.9.


pkgconf 1.3.9 is released containing this security fix

Reference: ariadne/pkgconf#138