Bug 24686
Summary: | rpm-4.0.1 macro expansion segfaults | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | benedict |
Component: | rpm | Assignee: | Jeff Johnson <jbj> |
Status: | CLOSED RAWHIDE | QA Contact: | David Lawrence <dkl> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 7.0 | CC: | jurgen |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2001-03-28 08:04:26 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
benedict
2001-01-23 13:46:52 UTC
The following spec-file is sufficient to create the error. Name: hello Version: 1.3 Release: 1 Copyright: GPL Distribution: foo Vendor: foo Packager: Benedict Lofstedt <benedict.dk> URL: foo Summary: GNU %{name} package Group: ?? %description GNU %{name} package %install %dump %define setfilelist() filelist=%1 %setfilelist a This is a bug in parameterized macros which is present in all versions of rpm-4.x that I've tested. Basically, define a parameterized macro, try to expand it with parameters and you get this crash. You can replicate this by trying to invoke the %GNUconfigure macro in /usr/lib/rpm/macros with a parameter, for example. 100% repeatable in all cases for me. FIxed in rpm CVS, will be in rpm-4.0.3. Here's the patch: Index: macro.c =================================================================== RCS file: /cvs/devel/rpm/rpmio/macro.c,v retrieving revision 2.64 retrieving revision 2.53.2.7 diff -u -r2.64 -r2.53.2.7 --- macro.c 2001/01/19 01:38:59 2.64 +++ macro.c 2001/03/23 16:18:12 2.53.2.7 @@ -801,7 +801,7 @@ /* Build argv array */ argv = (const char **) alloca((argc + 1) * sizeof(char *)); be[-1] = ' '; /* be - 1 == b + strlen(b) == buf + strlen(buf) */ - buf[0] = '\0'; + be[0] = '\0'; b = buf; for (c = 0; c < argc; c++) { argv[c] = b; |