Bug 64869

Summary: tar segmentation fault when the TAR_OPTIONS environment variable is set
Product: [Retired] Red Hat Linux Reporter: F Harvell <fharvell>
Component: tarAssignee: Bernhard Rosenkraenzer <bero>
Status: CLOSED CURRENTRELEASE QA Contact: Ben Levenson <benl>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.3CC: jakub, olivier.baudron
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-03-08 14:01:12 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Fixes null termination of argv. none

Description F Harvell 2002-05-13 20:12:38 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0rc2) Gecko/20020510

Description of problem:
The tar program seg faults when the TAR_OPTION environment variable is set.

It appears that the issue may rest within libc as copying the RH 7.2 version of
the tar executable also fails. It used to work prior to upgrading from RedHat
7.2 to RedHat 7.3.

Version-Release number of selected component (if applicable):
tar-1.13.25-4
glibc-2.2.5-34

How reproducible:
Always

Steps to Reproduce:
1.export TAR_OPTIONS="-v"
2.tar xvf /some/tar/file.tar
	

Actual Results:  generates "Segmentation fault".

Expected Results:  tar listing

Additional info:

It appears that the issue may rest within libc as copying the RH 7.2 version of
the tar executable also fails.

It used to work prior to upgrading from RedHat 7.2 to RedHat 7.3.

It currently fails on both an Athlon and a Pentium III.
Comment 1 F Harvell 2002-05-13 20:24:39 UTC 
The problem does not seem to appear when untaring a gzipped tar file:

1. export TAR_OPTIONS="-v"
2. tar tvf /some/tar/file.tar
generates "Segmentation fault".

1. export TAR_OPTIONS="-v"
2. tar tvzf /some/gzipped/tar/file.tar.gz
generates tar file listing as expected.
Comment 2 Bernhard Rosenkraenzer 2002-05-21 14:47:03 UTC 
Looks like a glibc problem... 
#0  0x4206d6f5 in _int_malloc () from /lib/i686/libc.so.6 
#1  0x4206cb25 in malloc () from /lib/i686/libc.so.6 
#2  0x0804b126 in strcpy () 
#3  0x08050638 in strcpy () 
#4  0x0805da9d in strcpy () 
#5  0x42016714 in __libc_start_main () from /lib/i686/libc.so.6
Comment 3 Jakub Jelinek 2002-05-21 15:00:22 UTC 
Beg to disagree. Try:
ulimit -c unlimited
LD_PRELOAD=/usr/lib/libefence.so.0 TAR_OPTIONS=-v /bin/tar xvf foo.tar
gdb /bin/tar core
Comment 4 Olivier Baudron 2002-06-16 16:33:58 UTC 
The problem is at prepargs.c:92

      while ((*pp++ = *argv++))
	continue;

This code requires that argv[argc]==NULL. Normally this is a K&R standard, but
argv has been (badly) overwritten, and does not respect this restriction at that
moment.

The following patch fixes the problem.
Comment 5 Olivier Baudron 2002-06-16 16:36:54 UTC 
Created attachment 61084 [details]
Fixes null termination of argv.
Comment 6 Bernhard Rosenkraenzer 2002-07-01 13:45:20 UTC 
Fixed in 1.13.25-6
Comment 7 Miloslav Trmac 2004-03-08 14:01:12 UTC 
Fix confirmed in tar-1.13.25-12.