Bug 1325786
| Summary: | date --date aborts when passed incorrectly quoted string, glibc:"Double free or corruption". | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Donald Douwsma <ddouwsma> |
| Component: | coreutils | Assignee: | Ondrej Vasik <ovasik> |
| Status: | CLOSED ERRATA | QA Contact: | Jakub Prokes <jprokes> |
| Severity: | low | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 7.2 | CC: | jprokes, jscotka |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | coreutils-8.22-17.el7 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-11-04 07:40:24 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
http://git.savannah.gnu.org/cgit/gnulib.git/commit/lib/parse-datetime.y?id=a10acfb1d2118f9a180181d3fed5399dbbe1df3c fixes this and similar issues. Reproducer and fix confirmed. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-2497.html |
Description of problem: date core dumps when passed an incorrectly quoted string. # date --date='TZ="IST" 11:30PM"' ^ *** Error in `date': double free or corruption (out): 0x00007ffcd83e9700 *** ... (gdb) bt #0 0x00007f7c1cdec5f7 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56 #1 0x00007f7c1cdedce8 in __GI_abort () at abort.c:90 #2 0x00007f7c1ce2c317 in __libc_message (do_abort=do_abort@entry=2, fmt=fmt@entry=0x7f7c1cf35988 "*** Error in `%s': %s: 0x%s ***\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:196 #3 0x00007f7c1ce33fe1 in malloc_printerr (ar_ptr=0x7f7c1d171760 <main_arena>, ptr=<optimized out>, str=0x7f7c1cf35a68 "double free or corruption (out)", action=3) at malloc.c:5013 #4 _int_free (av=0x7f7c1d171760 <main_arena>, p=<optimized out>, have_lock=0) at malloc.c:3835 #5 0x00000000004065e0 in parse_datetime (result=result@entry=0x7ffd0fcbf100, p=<optimized out>, p@entry=0x7ffd0fcc0672 "TZ=\"IST\" 11:30PM\"B", now=<optimized out>, now@entry=0x0) at lib/parse-datetime.y:1307 #6 0x0000000000402245 in main (argc=2, argv=0x7ffd0fcbf2c8) at src/date.c:515 Version-Release number of selected component: coreutils-8.22-15.el7.x86_64 How reproducible: always