Bug 972646 - Segmentation fault of rpm -E
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: rpm
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
Assignee: Packaging Maintenance Team
QA Contact: Fedora Extras Quality Assurance
Reported: 2013-06-10 10:28 UTC by Christopher Meng
Modified: 2013-08-07 15:34 UTC

Doc Type: Bug Fix
Last Closed: 2013-06-20 08:48:20 UTC
Type: Bug
Description Christopher Meng 2013-06-10 10:28:07 UTC
Description of problem:
Running this command will cause a weird problem:

[root@fab log]# rpm -E %{lua}
Segmentation fault (core dumped)

However, this should not happen, because if I run this:

[root@fab log]# rpm -E %{luaa}
%{luaa}

As you can see, it returns the input, but it seems that %{lua} is a special case.

Version-Release number of selected component (if applicable):
rpm-4.11.0.1-7.fc20

Comment 1 Nicolas Chauvet (kwizart) 2013-06-10 10:35:06 UTC
I can reproduce on f18 x86_64
# rpm -E %{lua}
Segmentation fault (core dumped)
# rpm -E %{optflags}
-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4  -m64 -mtune=generic

Comment 2 Panu Matilainen 2013-06-10 10:54:09 UTC
%{lua} is indeed special as it's used to invoke rpm's embedded lua interpreter, e.g.:

[pmatilai@localhost ~]$ rpm --eval "%{lua:print(1+2)}"
3
[pmatilai@localhost ~]$

And yes, it's reproducible all the way back to rpm 4.3.x where the embedded lua interpreter was introduced, it's just missing some sanity checks. Will fix.

Comment 3 Christopher Meng 2013-06-10 11:00:26 UTC
(In reply to Panu Matilainen from comment #2)
> %{lua} is indeed special as it's used to invoke rpm's embedded lua
> interpreter, e.g.:
> 
> [pmatilai@localhost ~]$ rpm --eval "%{lua:print(1+2)}"
> 3
> [pmatilai@localhost ~]$
> 
> And yes, it's reproducible all the way back to rpm 4.3.x where the embedded
> lua interpreter was introduced, it's just missing some sanity checks. Will
> fix.

Thanks, it's the first time I've learned about that.

Comment 4 Panu Matilainen 2013-06-10 11:56:46 UTC
Fixed upstream now:
http://rpm.org/gitweb?p=rpm.git;a=commitdiff;h=43a34e155432354454ba11b2d9decf86cfba26a6

Oh, and thanks for reporting. It's amazing how long bugs can stay dormant sometimes, close to a decade in this case :)

Comment 5 Panu Matilainen 2013-06-10 12:34:25 UTC
Hmm, except that turns out to be not so good a fix as it behaves differently from other built-ins after all.

Anyway, just use a non-reserved macro name to avoid the issue; defining and using %{lua} for your own purposes is not going to work.

Comment 6 Panu Matilainen 2013-06-20 08:48:20 UTC
The segfault is fixed in rpm-4.11.1-0.rc2.1.fc20.

Comment 7 devzero2000 2013-08-07 12:47:44 UTC
The segfault was fixed with commit 43a34e155432354454ba11b2d9decf86cfba26a6
but reverted here f173f747cda11e3f6778d2553fcb0db4b4e1d571

I think that the bug is open again now

Comment 8 Panu Matilainen 2013-08-07 12:50:49 UTC
(In reply to devzero2000 from comment #7)
> The segfault was fixed with commit 43a34e155432354454ba11b2d9decf86cfba26a6
> but reverted here f173f747cda11e3f6778d2553fcb0db4b4e1d571
> 
> I think that the bug is open again now

No. The initial fix was reverted and replaced with a better one.

Comment 9 devzero2000 2013-08-07 15:34:43 UTC
I am sorry. My bad. I've seen it now (ae5795897159319923b60f5c141a2ae5aa6f8d68). 

Thanks

