Bug 13468 - rpm v3.0.5 core dumps with certain packages
Summary: rpm v3.0.5 core dumps with certain packages
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: rpm   
(Show other bugs)
Version: 6.2
Hardware: noarch
OS: Linux
Target Milestone: ---
Assignee: Jeff Johnson
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2000-07-04 13:58 UTC by stephens
Modified: 2017-04-05 18:45 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2000-07-07 00:56:01 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description stephens 2000-07-04 13:58:31 UTC
I'm not sure which packages cause the problem, but this issue is that
sometimes one of the parameters of lib/depends.c, dirInfoCompare()
is a null value. The function then casts the void* pointer passed
in to a structure and tries to access it, thus causing a core dump.

It needs either a check for NULL in the function (I've tried this and
it works) or a check elsewhere so that null is never passed.

Comment 1 SB 2000-07-07 00:56:01 UTC
Someone on Solaris made note of this problem and said they
thought it only occurred when installing the first package.
My assumption would be (if it indeed happens only when installing
the first package) that an empty or no database would cause it
to crash.  Here is a core dump posted to the rpm-list that illustrates
the problem:
#0  0x36ad8 in dirInfoCompare (one=0xffbeee28, two=0x0) at depends.c:142
142         int lenchk = a->dirNameLen - b->dirNameLen;
(gdb) bt
#0  0x36ad8 in dirInfoCompare (one=0xffbeee28, two=0x0) at depends.c:142
#1  0xff1b9afc in bsearch () from /usr/lib/libc.so.1
#2  0x37f64 in alFileSatisfiesDepend (al=0x3158fc, keyType=0x0, 
    fileName=0x110624 "/bin/sh") at depends.c:773
#3  0x3804c in alSatisfiesDepend (al=0x3158fc, keyType=0x0, keyDepend=0x0, 
    keyName=0x110624 "/bin/sh", keyEVR=0x115104 "", keyFlags=64)
    at depends.c:803
#4  0x386d0 in unsatisfiedDepend (rpmdep=0x3158d0, keyType=0xe1d40 " requires", 
    keyDepend=0x115110 "/bin/sh  ", keyName=0x110624 "/bin/sh", 
    keyEVR=0x115104 "", keyFlags=64, suggestion=0xffbeefd4) at depends.c:963
#5  0x38844 in checkPackageDeps (rpmdep=0x3158d0, psp=0xffbef088, h=0x119d90, 
    keyName=0x0) at depends.c:1007
#6  0x39618 in rpmdepCheck (rpmdep=0x3158d0, conflicts=0xffbef154, 
    numConflicts=0xffbef150) at depends.c:1403
#7  0x4bae0 in rpmInstall (rootdir=0xde610 "/", fileArgv=0x10e1f8, 
    transFlags=0, interfaceFlags=0, probFilter=0, relocations=0x0)
    at rpminstall.c:316
#8  0x267f0 in main (argc=3, argv=0xffbef39c) at rpm.c:1382

From what I can tell no parameters of dirInfoCompare() should
be NULL and thus would indicate that either the database is
not there, empty, or corrupt or that that rpm itself is
incomplete/built incorrectly/corrupt.  It's fixable like you
said, but it is a nice way of finding out if a package is messed
up or not none-the-less.

-Stan Bubrouski

Comment 2 Jeff Johnson 2000-07-10 18:20:22 UTC
This smells like the following patch

/*@dependent@*/ /*@null@*/ static struct availablePackage *
alFileSatisfiesDepend(struct availableList * al,
        const char * keyType, const char * fileName)
    int i;
    const char * dirName;
    const char * baseName;
    struct dirInfo dirNeedle;
    struct dirInfo * dirMatch;

+j    if (al->numDirs == 0)       /* Solaris 2.6 bsearch sucks down on this. */
+        return NULL;

which is now added in rpm-3.0.5. Thanks for the report.

Comment 3 openshift-github-bot 2017-04-05 18:45:43 UTC
Commit pushed to master at https://github.com/openshift/origin

Merge pull request #13552 from soltysh/issue13468

Merged by openshift-bot

Note You need to log in before you can comment on or make changes to this bug.