Description of problem:
1. -e signal=!io (example from manpage) is broken.
2. Missing bounds checks of user input cause segfaults.

Version-Release number of selected component (if applicable):
strace-4.5.8

Steps to Reproduce:

Actual results:
$ env -i strace -e 'signal=!io' /bin/true
strace: invalid signal `io'
$ strace -e signal=999999 true
Segmentation fault
$ strace -e read=999999 true
Segmentation fault

Expected results:
$ env -i strace -e 'signal=!io' /bin/true
execve("/bin/true", ["/bin/true"], [/* 0 vars */]) = 0
_exit(0) = ?
$ strace -e signal=999999 true
strace: invalid signal `999999'
$ strace -e read=999999 true
strace: invalid descriptor `999999'
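Item 2 of the report above is the familiar case of a user-supplied number used directly as an index into a fixed-size table. The following is an added example, not strace's code and not the attached patch, showing one way to validate such a qualifier before it is used; the table size, flag value and function names are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

#define QUAL_TABLE_SIZE 2048   /* hypothetical size of the flags table */
#define QUAL_SIGNAL     0x1    /* hypothetical flag bit */

static unsigned char qual_flags[QUAL_TABLE_SIZE];

/* Parse a decimal index and accept it only if it lies in [0, limit).
 * Returns 0 on success, -1 on malformed or out-of-range input. */
static int parse_index(const char *s, long limit, long *out)
{
    char *end;
    long v;

    if (s == NULL || *s < '0' || *s > '9')
        return -1;                      /* empty, signed or non-numeric */
    errno = 0;
    v = strtol(s, &end, 10);
    if (errno == ERANGE || *end != '\0')
        return -1;                      /* overflow or trailing junk */
    if (v < 0 || v >= limit)
        return -1;                      /* would index past the table */
    *out = v;
    return 0;
}

/* The unchecked form of this pattern, qual_flags[atoi(s)] |= flag,
 * writes wherever the user's number points. Here the caller gets -1
 * instead and can print an "invalid ..." message. */
static int qualify_number(const char *s, unsigned char flag)
{
    long idx;

    if (parse_index(s, QUAL_TABLE_SIZE, &idx) < 0)
        return -1;
    qual_flags[idx] |= flag;
    return 0;
}

int main(void)
{
    /* constructed sample inputs */
    const char *samples[] = { "14", "999999", "-1", "12abc", "99999999999999999999" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-22s -> %s\n", samples[i],
               qualify_number(samples[i], QUAL_SIGNAL) == 0 ? "accepted" : "invalid");
    return 0;
}
```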
Created attachment 108865: strace-4.5.8-alt-qual.patch
Proposed patch.
I've merged in those fixes.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2005-131.html