ariadne
/
pkgconf
3
6
Fork 4
Code Issues 6 Pull Requests 2 Projects Releases 2 Wiki Activity

pkgconf crash when miss terminating quote #138

New Issue
Closed
opened 2017-09-19 08:43:28 +00:00 by karen-arutyunov · 2 comments
karen-arutyunov commented 2017-09-19 08:43:28 +00:00 (Migrated from github.com)

pkgconf crashes if Cflags value misses terminating quote. The issue can be reproduced for the following a.pc file:

Name: foo
Version: 1
Description: None.
Cflags: '-I/ABC

[karen@fed pkgconf-1.3.9]$ ./pkgconf a.pc
*** Error in `/home/karen/projects/pkgconf-1.3.9/.libs/lt-pkgconf': double free or corruption (fasttop): 0x00000000012969e0 ***
======= Backtrace: =========
/lib64/libc.so.6(+0x77d75)[0x7f6e94bf9d75]
/lib64/libc.so.6(+0x801ca)[0x7f6e94c021ca]
/lib64/libc.so.6(cfree+0x4c)[0x7f6e94c0572c]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_argv_free+0x27)[0x7f6e94f4b565]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_fragment_parse+0x92)[0x7f6e94f4b52f]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(+0x4cf4)[0x7f6e94f47cf4]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(+0x4db2)[0x7f6e94f47db2]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_pkg_new_from_file+0x3e0)[0x7f6e94f48365]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_pkg_find+0xd1)[0x7f6e94f48cb0]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_pkg_verify_dependency+0x7a)[0x7f6e94f49724]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(+0x6a66)[0x7f6e94f49a66]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_pkg_traverse+0x15a)[0x7f6e94f49ed3]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_pkg_verify_graph+0x33)[0x7f6e94f49837]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(+0x9f0e)[0x7f6e94f4cf0e]
/home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_queue_validate+0x93)[0x7f6e94f4d0b6]
/home/karen/projects/pkgconf-1.3.9/.libs/lt-pkgconf[0x4035b5]
/lib64/libc.so.6(__libc_start_main+0xf0)[0x7f6e94ba2580]
/home/karen/projects/pkgconf-1.3.9/.libs/lt-pkgconf[0x401649]
======= Memory map: ========
00400000-00408000 r-xp 00000000 fd:00 68601815 /home/karen/projects/pkgconf-1.3.9/.libs/lt-pkgconf
00607000-00608000 r--p 00007000 fd:00 68601815 /home/karen/projects/pkgconf-1.3.9/.libs/lt-pkgconf
00608000-00609000 rw-p 00008000 fd:00 68601815 /home/karen/projects/pkgconf-1.3.9/.libs/lt-pkgconf
01296000-012b7000 rw-p 00000000 00:00 0 [heap]
7f6e90000000-7f6e90021000 rw-p 00000000 00:00 0
7f6e90021000-7f6e94000000 ---p 00000000 00:00 0
7f6e9496b000-7f6e94981000 r-xp 00000000 fd:00 35543539 /usr/lib64/libgcc_s-5.3.1-20160406.so.1
7f6e94981000-7f6e94b80000 ---p 00016000 fd:00 35543539 /usr/lib64/libgcc_s-5.3.1-20160406.so.1
7f6e94b80000-7f6e94b81000 r--p 00015000 fd:00 35543539 /usr/lib64/libgcc_s-5.3.1-20160406.so.1
7f6e94b81000-7f6e94b82000 rw-p 00016000 fd:00 35543539 /usr/lib64/libgcc_s-5.3.1-20160406.so.1
7f6e94b82000-7f6e94d39000 r-xp 00000000 fd:00 33555743 /usr/lib64/libc-2.22.so
7f6e94d39000-7f6e94f39000 ---p 001b7000 fd:00 33555743 /usr/lib64/libc-2.22.so
7f6e94f39000-7f6e94f3d000 r--p 001b7000 fd:00 33555743 /usr/lib64/libc-2.22.so
7f6e94f3d000-7f6e94f3f000 rw-p 001bb000 fd:00 33555743 /usr/lib64/libc-2.22.so
7f6e94f3f000-7f6e94f43000 rw-p 00000000 00:00 0
7f6e94f43000-7f6e94f50000 r-xp 00000000 fd:00 68138730 /home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2.0.0
7f6e94f50000-7f6e95150000 ---p 0000d000 fd:00 68138730 /home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2.0.0
7f6e95150000-7f6e95151000 r--p 0000d000 fd:00 68138730 /home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2.0.0
7f6e95151000-7f6e95152000 rw-p 0000e000 fd:00 68138730 /home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2.0.0
7f6e95152000-7f6e951a2000 rw-p 00000000 00:00 0
7f6e951a2000-7f6e951c3000 r-xp 00000000 fd:00 33555725 /usr/lib64/ld-2.22.so
7f6e953ab000-7f6e953ae000 rw-p 00000000 00:00 0
7f6e953bf000-7f6e953c2000 rw-p 00000000 00:00 0
7f6e953c2000-7f6e953c3000 r--p 00020000 fd:00 33555725 /usr/lib64/ld-2.22.so
7f6e953c3000-7f6e953c4000 rw-p 00021000 fd:00 33555725 /usr/lib64/ld-2.22.so
7f6e953c4000-7f6e953c5000 rw-p 00000000 00:00 0
7fff1257b000-7fff125bf000 rw-p 00000000 00:00 0 [stack]
7fff125eb000-7fff125ed000 r--p 00000000 00:00 0 [vvar]
7fff125ed000-7fff125ef000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
Aborted (core dumped)

pkgconf crashes if Cflags value misses terminating quote. The issue can be reproduced for the following a.pc file: Name: foo Version: 1 Description: None. Cflags: '-I/ABC [karen@fed pkgconf-1.3.9]$ ./pkgconf a.pc *** Error in `/home/karen/projects/pkgconf-1.3.9/.libs/lt-pkgconf': double free or corruption (fasttop): 0x00000000012969e0 *** ======= Backtrace: ========= /lib64/libc.so.6(+0x77d75)[0x7f6e94bf9d75] /lib64/libc.so.6(+0x801ca)[0x7f6e94c021ca] /lib64/libc.so.6(cfree+0x4c)[0x7f6e94c0572c] /home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_argv_free+0x27)[0x7f6e94f4b565] /home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_fragment_parse+0x92)[0x7f6e94f4b52f] /home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(+0x4cf4)[0x7f6e94f47cf4] /home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(+0x4db2)[0x7f6e94f47db2] /home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_pkg_new_from_file+0x3e0)[0x7f6e94f48365] /home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_pkg_find+0xd1)[0x7f6e94f48cb0] /home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_pkg_verify_dependency+0x7a)[0x7f6e94f49724] /home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(+0x6a66)[0x7f6e94f49a66] /home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_pkg_traverse+0x15a)[0x7f6e94f49ed3] /home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_pkg_verify_graph+0x33)[0x7f6e94f49837] /home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(+0x9f0e)[0x7f6e94f4cf0e] /home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2(pkgconf_queue_validate+0x93)[0x7f6e94f4d0b6] /home/karen/projects/pkgconf-1.3.9/.libs/lt-pkgconf[0x4035b5] /lib64/libc.so.6(__libc_start_main+0xf0)[0x7f6e94ba2580] /home/karen/projects/pkgconf-1.3.9/.libs/lt-pkgconf[0x401649] ======= Memory map: ======== 00400000-00408000 r-xp 00000000 fd:00 68601815 /home/karen/projects/pkgconf-1.3.9/.libs/lt-pkgconf 00607000-00608000 r--p 00007000 fd:00 68601815 /home/karen/projects/pkgconf-1.3.9/.libs/lt-pkgconf 00608000-00609000 rw-p 00008000 fd:00 68601815 /home/karen/projects/pkgconf-1.3.9/.libs/lt-pkgconf 01296000-012b7000 rw-p 00000000 00:00 0 [heap] 7f6e90000000-7f6e90021000 rw-p 00000000 00:00 0 7f6e90021000-7f6e94000000 ---p 00000000 00:00 0 7f6e9496b000-7f6e94981000 r-xp 00000000 fd:00 35543539 /usr/lib64/libgcc_s-5.3.1-20160406.so.1 7f6e94981000-7f6e94b80000 ---p 00016000 fd:00 35543539 /usr/lib64/libgcc_s-5.3.1-20160406.so.1 7f6e94b80000-7f6e94b81000 r--p 00015000 fd:00 35543539 /usr/lib64/libgcc_s-5.3.1-20160406.so.1 7f6e94b81000-7f6e94b82000 rw-p 00016000 fd:00 35543539 /usr/lib64/libgcc_s-5.3.1-20160406.so.1 7f6e94b82000-7f6e94d39000 r-xp 00000000 fd:00 33555743 /usr/lib64/libc-2.22.so 7f6e94d39000-7f6e94f39000 ---p 001b7000 fd:00 33555743 /usr/lib64/libc-2.22.so 7f6e94f39000-7f6e94f3d000 r--p 001b7000 fd:00 33555743 /usr/lib64/libc-2.22.so 7f6e94f3d000-7f6e94f3f000 rw-p 001bb000 fd:00 33555743 /usr/lib64/libc-2.22.so 7f6e94f3f000-7f6e94f43000 rw-p 00000000 00:00 0 7f6e94f43000-7f6e94f50000 r-xp 00000000 fd:00 68138730 /home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2.0.0 7f6e94f50000-7f6e95150000 ---p 0000d000 fd:00 68138730 /home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2.0.0 7f6e95150000-7f6e95151000 r--p 0000d000 fd:00 68138730 /home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2.0.0 7f6e95151000-7f6e95152000 rw-p 0000e000 fd:00 68138730 /home/karen/projects/pkgconf-1.3.9/.libs/libpkgconf.so.2.0.0 7f6e95152000-7f6e951a2000 rw-p 00000000 00:00 0 7f6e951a2000-7f6e951c3000 r-xp 00000000 fd:00 33555725 /usr/lib64/ld-2.22.so 7f6e953ab000-7f6e953ae000 rw-p 00000000 00:00 0 7f6e953bf000-7f6e953c2000 rw-p 00000000 00:00 0 7f6e953c2000-7f6e953c3000 r--p 00020000 fd:00 33555725 /usr/lib64/ld-2.22.so 7f6e953c3000-7f6e953c4000 rw-p 00021000 fd:00 33555725 /usr/lib64/ld-2.22.so 7f6e953c4000-7f6e953c5000 rw-p 00000000 00:00 0 7fff1257b000-7fff125bf000 rw-p 00000000 00:00 0 [stack] 7fff125eb000-7fff125ed000 r--p 00000000 00:00 0 [vvar] 7fff125ed000-7fff125ef000 r-xp 00000000 00:00 0 [vdso] ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall] Aborted (core dumped)
ariadne commented 2017-09-20 02:10:31 +00:00

A security fix will be included in 1.3.9.

A security fix will be included in 1.3.9.
ariadne commented 2017-09-20 03:00:33 +00:00

pkgconf 1.3.9 is released containing this security fix

pkgconf 1.3.9 is released containing this security fix
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
master
stable/1.8.x
feature/tap-sh
pkgconf-2.2.0
pkgconf-2.1.1
pkgconf-2.1.0
pkgconf-2.0.3
pkgconf-2.0.2
pkgconf-2.0.1
pkgconf-2.0.0
pkgconf-1.9.5
pkgconf-1.8.1
pkgconf-1.9.4
pkgconf-1.9.3
pkgconf-1.9.2
pkgconf-1.9.1
pkgconf-1.9.0
pkgconf-1.8.0
pkgconf-1.7.4
pkgconf-1.7.3
pkgconf-1.7.2
pkgconf-1.7.1
pkgconf-1.7.0
pkgconf-1.6.3
pkgconf-1.6.2
pkgconf-1.6.1
pkgconf-1.6.0
pkgconf-1.5.4
pkgconf-1.5.3
pkgconf-1.5.2
pkgconf-1.5.1
pkgconf-1.4.2
pkgconf-1.4.1
pkgconf-1.4.0
pkgconf-1.3.90
pkgconf-1.3.12
pkgconf-1.3.11
pkgconf-1.3.10
pkgconf-1.3.9
pkgconf-1.3.8
pkgconf-1.3.7
pkgconf-1.3.6
pkgconf-1.3.5
pkgconf-1.3.4
pkgconf-1.3.3
pkgconf-1.3.2
pkgconf-1.3.1
pkgconf-1.3.0
pkgconf-1.2.2
pkgconf-1.2.1
pkgconf-1.2.0
pkgconf-1.1.1
pkgconf-1.1.0
pkgconf-1.0.2
pkgconf-1.0.1
pkgconf-1
pkgconf-0.9.12
pkgconf-0.9.11
pkgconf-0.9.10
pkgconf-0.9.9
pkgconf-0.9.8
pkgconf-0.9.7
pkgconf-0.9.6
pkgconf-0.9.5
pkgconf-0.9.4
pkgconf-0.9.3
pkgconf-0.9.2
pkgconf-0.9.1
pkgconf-0.9.0
pkgconf-0.8.12
pkgconf-0.8.11
pkgconf-0.8.10
pkgconf-0.8.9
pkgconf-0.8.8
pkgconf-0.8.7
pkgconf-0.8.6
pkgconf-0.8.5
pkgconf-0.8.4
pkgconf-0.8.3
pkgconf-0.8.2
pkgconf-0.8.1
pkgconf-0.8
pkgconf-0.7
pkgconf-0.6
pkgconf-0.5.3
pkgconf-0.5.2
pkgconf-0.5.1
pkgconf-0.5
pkgconf-0.4
pkgconf-0.3
pkgconf-0.2
pkgconf-0.1.1
pkgconf-0.1
Labels
Clear labels   
bug
   
duplicate
   
enhancement
   
invalid
   
question
   
wontfix
No Label
bug
duplicate
enhancement
invalid
question
wontfix
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: ariadne/pkgconf#138
There is no content yet.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may exist for a short time before cleaning up, in most cases it CANNOT be undone. Continue?