Bug 624450 - null pointer dereference crashes tcsh
null pointer dereference crashes tcsh
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: tcsh (Show other bugs)
5.5
All Linux
urgent Severity urgent
: rc
: ---
Assigned To: Jaromír Končický
BaseOS QE - Apps
: Patch, ZStream
Depends On:
Blocks: 631815 689382
  Show dependency treegraph
 
Reported: 2010-08-16 10:14 EDT by Bryan Mason
Modified: 2013-09-23 07:14 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Under certain circumstances, a null pointer may have been incorrectly dereferenced, causing the tcsh shell to terminate unexpectedly. With this update, the pointer is now checked properly and tcsh no longer crashes.
Story Points: ---
Clone Of: 607368
: 689382 700309 (view as bug list)
Environment:
Last Closed: 2013-09-23 07:14:37 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
Proposed patch (519 bytes, patch)
2010-08-16 14:08 EDT, Bryan Mason
no flags Details | Diff

  None (edit)
Description Bryan Mason 2010-08-16 10:14:41 EDT
+++ This bug was initially created as a clone of Bug #607368 +++

Description of problem:

    The potential exists for a null pointer dereference in pchild()
    sh.proc.c:

    417         if (jobflags & PFOREGND) {
    418             if (!(jobflags & (PSIGNALED | PSTOPPED | PPTIME) ||
    419 #ifdef notdef
    420                 jobflags & PAEXITED ||
    421 #endif /* notdef */
    422                 !eq(dcwd->di_name, fp->p_cwd->di_name))) {

Version-Release number of selected component (if applicable):

    tcsh-6.14-14.el5

Additional info:

    This was fixed upstream in tcsh-6.15.00:

        http://mx.gw.com/pipermail/tcsh/2007-September/003866.html

    Reference item #9:

        9. Avoid null pointer dereference in proc cwd (Kurt Miller)
Comment 2 Bryan Mason 2010-08-16 14:08:56 EDT
Created attachment 439002 [details]
Proposed patch

Created by tumeya@redhat.com
Comment 6 Jaromir Hradilek 2010-09-13 07:17:03 EDT
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Under certain circumstances, a null pointer may have been incorrectly dereferenced, causing the tcsh shell to terminate unexpectedly. With this update, the pointer is now checked properly and tcsh no longer crashes.

Note You need to log in before you can comment on or make changes to this bug.