Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
Bug 607368 - null pointer dereference crashes tcsh
null pointer dereference crashes tcsh
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: tcsh (Show other bugs)
4.8
All Linux
urgent Severity urgent
: rc
: ---
Assigned To: Vojtech Vitek
BaseOS QE - Apps
: Patch, ZStream
Depends On:
Blocks: 614755
  Show dependency treegraph
 
Reported: 2010-06-23 18:51 EDT by Bryan Mason
Modified: 2015-03-04 18:56 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Under certain circumstances, a null pointer may have been incorrectly dereferenced, causing the tcsh shell to terminate unexpectedly. With this update, the pointer is now checked properly and tcsh no longer crashes.
Story Points: ---
Clone Of:
: 624450 (view as bug list)
Environment:
Last Closed: 2012-06-14 16:54:19 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Proposed Patch (519 bytes, patch)
2010-06-23 18:54 EDT, Bryan Mason
no flags Details | Diff

  None (edit)
Description Bryan Mason 2010-06-23 18:51:39 EDT
Description of problem:

    The potential exists for a null pointer dereference in pchild()
    sh.proc.c:

    417         if (jobflags & PFOREGND) {
    418             if (!(jobflags & (PSIGNALED | PSTOPPED | PPTIME) ||
    419 #ifdef notdef
    420                 jobflags & PAEXITED ||
    421 #endif /* notdef */
    422                 !eq(dcwd->di_name, fp->p_cwd->di_name))) {

Version-Release number of selected component (if applicable):

    tcsh-6.13-10_el4

Additional info:

    This was fixed upstream in tcsh-6.15.00:

        http://mx.gw.com/pipermail/tcsh/2007-September/003866.html

    Reference item #9:

        9. Avoid null pointer dereference in proc cwd (Kurt Miller)
Comment 1 Bryan Mason 2010-06-23 18:54:06 EDT
Created attachment 426410 [details]
Proposed Patch

Patched adapted from upstream by Takuma Umeya (tumeya@redhat.com)
Comment 10 Jaromir Hradilek 2010-09-13 07:17:08 EDT
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Under certain circumstances, a null pointer may have been incorrectly dereferenced, causing the tcsh shell to terminate unexpectedly. With this update, the pointer is now checked properly and tcsh no longer crashes.

Note You need to log in before you can comment on or make changes to this bug.