[ltrace/f19] Properly check rindex call over pathname for NULL-ness

Petr Machata pmachata at fedoraproject.org
Wed Jan 15 17:16:19 UTC 2014 

commit 68804bd72b65fd8ea2f506bd36b601dfc91aafbc
Author: Petr Machata <pmachata at redhat.com>
Date:   Wed Jan 15 18:08:05 2014 +0100

    Properly check rindex call over pathname for NULL-ness

 ltrace-0.7.2-rindex_NULL.patch |   29 +++++++++++++++++++++++++++++
 ltrace.spec                    |   10 +++++++++-
 2 files changed, 38 insertions(+), 1 deletions(-)
---
diff --git a/ltrace-0.7.2-rindex_NULL.patch b/ltrace-0.7.2-rindex_NULL.patch
new file mode 100644
index 0000000..67f494a
--- /dev/null
+++ b/ltrace-0.7.2-rindex_NULL.patch
@@ -0,0 +1,29 @@
+From aafb00b7d7751049b99cac3953b5021e4f474ac4 Mon Sep 17 00:00:00 2001
+From: Petr Machata <pmachata at redhat.com>
+Date: Tue, 8 Jan 2013 18:12:07 +0100
+Subject: [PATCH] Don't add 1 to potentially NULL pointer comming from rindex
+
+---
+ ltrace-elf.c |    8 +++++---
+ 1 files changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/ltrace-elf.c b/ltrace-elf.c
+index 1d0f769..29c204f 100644
+--- a/ltrace-elf.c
++++ b/ltrace-elf.c
+@@ -889,8 +889,10 @@ read_module(struct library *lib, struct process *proc,
+ 			goto fail;
+ 		library_set_soname(lib, soname, 1);
+ 	} else {
+-		const char *soname = rindex(lib->pathname, '/') + 1;
+-		if (soname == NULL)
++		const char *soname = rindex(lib->pathname, '/');
++		if (soname != NULL)
++			soname += 1;
++		else
+ 			soname = lib->pathname;
+ 		library_set_soname(lib, soname, 0);
+ 	}
+-- 
+1.7.6.5
+
diff --git a/ltrace.spec b/ltrace.spec
index b3000f1..2dcdf0a 100644
--- a/ltrace.spec
+++ b/ltrace.spec
@@ -1,7 +1,7 @@
 Summary: Tracks runtime library calls from dynamically linked executables
 Name: ltrace
 Version: 0.7.2
-Release: 5%{?dist}
+Release: 6%{?dist}
 URL: http://ltrace.alioth.debian.org/
 License: GPLv2+
 Group: Development/Debuggers
@@ -27,6 +27,9 @@ Patch2: ltrace-0.7.2-unused-typedef.patch
 # s390 set_instruction_pointer: Set highest bit in 31-bit tracer
 Patch3: ltrace-0.7.2-s390-set_instruction_pointer.patch
 
+# https://bugzilla.redhat.com/show_bug.cgi?id=1044766
+Patch4: ltrace-0.7.2-rindex_NULL.patch
+
 %description
 Ltrace is a debugging program which runs a specified command until the
 command exits.  While the command is executing, ltrace intercepts and
@@ -43,6 +46,7 @@ execution of processes.
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1
 
 %build
 autoreconf -i
@@ -68,6 +72,10 @@ echo ====================TESTING END=====================
 %config(noreplace) %{_sysconfdir}/ltrace.conf
 
 %changelog
+* Wed Jan 15 2014 Petr Machata <pmachata at redhat.com> - 0.7.2-6
+- Add an upstream patch for proper checking of rindex call over
+  pathname for NULL-ness.  (ltrace-0.7.2-rindex_NULL.patch)
+
 * Tue Mar 26 2013 Petr Machata <pmachata at redhat.com> - 0.7.2-5
 - On s390, the highest bit in PC address is used to distinguish
   between 24-bit and 31-bit addressing modes.  Linux used to do this

More information about the scm-commits mailing list