Bug 24686

Summary: rpm-4.0.1 macro expansion segfaults
Product: [Retired] Red Hat Linux
Reporter: benedict
Component: rpm
Assignee: Jeff Johnson <jbj>
Status: CLOSED RAWHIDE
QA Contact: David Lawrence <dkl>
Severity: medium
Priority: medium
Version: 7.0
CC: jurgen
Hardware: i386
OS: Linux
Doc Type: Bug Fix
Last Closed: 2001-03-28 08:04:26 UTC

Description benedict 2001-01-23 13:46:52 UTC
rpm-4.0.1 dies when trying to expand call to macro defined in a macrofile:

%setfilelist() \
  filelist=%1 \
  rm -f ${filelist} \
  filelists="${filelists} ${filelist}" \
%nil

the call is

%setfilelist rpm-filelist

Output with %dump and %trace will be mailed separately to you - it's 535
lines, I don't see any easy way to include such information here.

Below, see the command, then a gdb backtrace.

--- benedict

[benedict@beast:~/rpm-de/specs]$ env - PATH=/usr/local/bin:/usr/bin/X11:/bin:/usr/bin:/usr/sbin:/sbin  /usr/local/bin/rpm.daimi -bb --rcfile /tmp/benedict/rpmrc-hello --buildroot /tmp/benedict/INSTALL-hello --define '_topdir /users/benedict/rpm-de' --define '_builddir /tmp/benedict/BUILD-hello' --define '_tmppath /tmp/benedict' --define '_defaultdocdir /usr/local/doc' --define '_fixowner :' --define '_fixgroup :' --define '_fixperms %{__chmod} -R a+r,g-w,o-w' --define '_gzipbin /usr/local/bin/gzip' --define '_rpmfilename i386-none-Linux/%{NAME}-%{VERSION}-%{RELEASE}.rpm'  --clean /tmp/benedict/spec-hello > /tmp/bl 2>&1
Segmentation fault (core dumped)
[benedict@beast:~/rpm-de/specs]$ gdb `which rpm.daimi` core
GNU gdb 5.0
Copyright 2000 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu"...

warning: core file may not match specified executable file.
Core was generated by `/usr/local/lib/rpm/rpmb -bb --rcfile /tmp/benedict/rpmrc-hello --buildroot /tmp'.
Program terminated with signal 11, Segmentation fault.
#0  0x40109e66 in ?? ()
(gdb) bt
#0  0x40109e66 in ?? ()
#1  0x4010aeb8 in ?? ()
#2  0x4010b087 in ?? ()
#3  0x40026adc in ?? ()
#4  0x40026e0e in ?? ()
#5  0x40021731 in ?? ()
#6  0x4002770d in ?? ()
#7  0x804a58a in main (argc=-1073741940, argv=0x804dbb8) at rpm.c:884
#8  0x804a679 in main (argc=-1073741940, argv=0x804dbb8) at rpm.c:908
#9  0x804b766 in getGnameS (gname=0x1b <Address 0x1b out of bounds>)
    at names.c:129
#10 0x4014f9cb in ?? ()
(gdb)

Comment 1 benedict 2001-01-23 14:09:51 UTC
The following spec-file is sufficient to create the error.

Name: hello
Version: 1.3
Release: 1

Copyright: GPL
Distribution: foo
Vendor: foo

Packager: Benedict Lofstedt <benedict.dk>
URL: foo

Summary: GNU %{name} package
Group: ??
%description

GNU %{name} package

%install

%dump
%define setfilelist()   filelist=%1

%setfilelist a


Comment 2 Jürgen Botz 2001-03-28 08:04:23 UTC
This is a bug in parameterized macros which is present in all versions of
rpm-4.x that I've tested.  Basically, define a parameterized macro, try to
expand it with parameters and you get this crash.

You can replicate this by trying to invoke the %GNUconfigure macro in 
/usr/lib/rpm/macros with a parameter, for example.  100% repeatable in
all cases for me.



Comment 3 Jeff Johnson 2001-03-28 16:11:26 UTC
Fixed in rpm CVS, will be in rpm-4.0.3. Here's the patch:

Index: macro.c
===================================================================
RCS file: /cvs/devel/rpm/rpmio/macro.c,v
retrieving revision 2.64
retrieving revision 2.53.2.7
diff -u -r2.64 -r2.53.2.7
--- macro.c	2001/01/19 01:38:59	2.64
+++ macro.c	2001/03/23 16:18:12	2.53.2.7
@@ -801,7 +801,7 @@
     /* Build argv array */
     argv = (const char **) alloca((argc + 1) * sizeof(char *));
     be[-1] = ' ';	/*  be - 1 == b + strlen(b) == buf + strlen(buf)  */
-    buf[0] = '\0';
+    be[0] = '\0';
     b = buf;
     for (c = 0; c < argc; c++) {
 	argv[c] = b;
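
Review bot: The new store `be[0] = '\0'` writes one byte past the old terminator (per the comment, `be - 1 == buf + strlen(buf)`), and nothing in the visible context checks that `be` is still inside `buf` before either `be[-1] = ' '` or `be[0] = '\0'` runs. Please add an explicit bound check against the end of `buf` ahead of these two stores, and extend the existing comment to say that `be[-1]` turns the old terminator into a separator and `be[0]` re-terminates the string, since the previous `buf[0] = '\0'` emptied the buffer that the `argv[c] = b` loop then walks. Separately, `alloca((argc + 1) * sizeof(char *))` sizes a stack allocation from `argc` with no cap visible here; a limit on `argc` or a heap allocation would be safer.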