Bug 19692

Summary: rpm2cpio 4.0 dumps core on Solaris 2.8
Product: [Retired] Red Hat Linux
Reporter: luc.maisonobe
Component: rpm
Assignee: Jeff Johnson <jbj>
Status: CLOSED WORKSFORME
QA Contact: David Lawrence <dkl>
Severity: medium
Priority: medium
Version: 6.2
Hardware: sparc
OS: Linux
Last Closed: 2000-11-10 08:56:16 UTC

Description luc.maisonobe 2000-10-24 15:44:39 UTC
I have compiled rpm 4.0 on a sparc station running Solaris 2.8 (btw, I have added the proper os_compat line in the rpmrc file to declare Solaris 2.8).

The rpm command seems to run (I have not tested it fully), but the rpm2cpio command dumps core with the following message:

   cannot re-open payload: Segmentation Fault(coredump)

The stack trace from the core file is:

(gdb) bt
bt
#0  0xff0b29ec in strlen () from /usr/lib/libc.so.1
#1  0xff1012c0 in _doprnt () from /usr/lib/libc.so.1
#2  0xff102d68 in fprintf () from /usr/lib/libc.so.1
#3  0x18d20 in main ()
(gdb) 

If I use rpm -qip on the same rpm file, I get the right information, so the file by itself seems to be OK.

Comment 1 luc.maisonobe 2000-11-10 08:56:13 UTC
2000-11-10 08:30:00 MET

I have checked older versions of rpm. The problem seems to have been introduced between versions 3.0.3 and 3.0.4 of the distribution.

Further investigation showed me that in the gzdFdopen function of rpmio.c, the statement
    fdSetFdno(fd, -1);
stores -1 in the structure pointed to by the fdi variable of the main function; the file descriptor, which was 4 before this, is later pushed on the following element of the fps table. However, there is a test later on in main:
    if (gzdi == NULL || Ferror(gzdi)) {
        fprintf(stderr, _("cannot re-open payload: %s\n"), Fstrerror(gzdi));
        exit(EXIT_FAILURE);
    }

The Ferror(gzdi) call tests both the element where fd = 4 and the previous ones where fd = -1. This triggers the error handling. The Fstrerror function then returns the errcookie pointer, which has been NULL since its creation by XfdNew. This leads to a segmentation violation in the fprintf call.

I think there are two separate problems:
  - an inconsistency between the resetting of the fd to -1, which seems to mean this entry is not valid anymore, and the Ferror test, which fails when it detects this -1
  - an initialization problem of the errcookie pointer to NULL.


                                                                               
Hope this helps

Luc

Comment 2 Jeff Johnson 2000-12-30 19:36:57 UTC
I believe this is now fixed in rpm CVS. The "fix" I am remembering is in rpm2cpio.c to change the check for the return code to

    gzdi = Fdopen(fdi, rpmio_flags);    /* XXX gzdi == fdi */
    if (gzdi == NULL) {
        fprintf(stderr, _("cannot re-open payload: %s\n"), Fstrerror(gzdi));
        exit(EXIT_FAILURE);
    }

Please reopen if I'm misremembering.
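
A simplified model of the failure analysed in Comment 1, with a NULL-safe error-string accessor beside the unsafe one. This is an added example, not rpm's code: `toy_fd`, `toy_push_layer`, `toy_ferror`, `toy_strerror` and `toy_strerror_safe` are hypothetical names standing in for the rpmio structures and functions discussed above.

```c
#include <stdio.h>

/* Hypothetical, simplified model of a layered descriptor; not rpm's FD_t. */
#define MAX_LAYERS 4
struct toy_fd {
    int nlayers;
    int fdno[MAX_LAYERS];      /* one descriptor number per stacked layer */
    const char *errcookie;     /* NULL until some layer records an error */
};

/* Models Comment 1: current layer is reset to -1, real fd moves up a layer. */
int toy_push_layer(struct toy_fd *fd)
{
    if (fd->nlayers < 1 || fd->nlayers >= MAX_LAYERS)
        return -1;
    fd->fdno[fd->nlayers] = fd->fdno[fd->nlayers - 1];
    fd->fdno[fd->nlayers - 1] = -1;
    fd->nlayers++;
    return 0;
}

/* Error test over every layer: a lower layer left at -1 counts as an error. */
int toy_ferror(const struct toy_fd *fd)
{
    for (int i = 0; i < fd->nlayers; i++)
        if (fd->fdno[i] < 0)
            return 1;
    return 0;
}

/* Unsafe accessor: may return NULL, and NULL for "%s" is undefined behaviour. */
const char *toy_strerror(const struct toy_fd *fd) { return fd->errcookie; }

/* Hardened accessor: always returns a printable string. */
const char *toy_strerror_safe(const struct toy_fd *fd)
{
    if (fd == NULL || fd->errcookie == NULL)
        return "unknown error (no error string recorded)";
    return fd->errcookie;
}

int main(void)
{
    struct toy_fd fd = { 1, { 4 }, NULL };   /* constructed sample: fd 4 */
    toy_push_layer(&fd);
    if (toy_ferror(&fd))
        fprintf(stderr, "cannot re-open payload: %s\n", toy_strerror_safe(&fd));
    return 0;
}
```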