#16625 – Падение rpm --eval "$(cat <файл>)" на некоторых файлах

Bug 16625 - Падение rpm --eval "$(cat <файл>)" на некоторых файлах

Summary: Падение rpm --eval "$(cat <файл>)" на некоторых файлах

Status:	CLOSED FIXED

Alias:	None

Product:	Sisyphus
Classification:	Development
Component:	rpm (show other bugs)
Version:	unstable
Hardware:	x86_64 Linux

Importance:	P2 normal
Assignee:	placeholder@altlinux.org
QA Contact:	qa-sisyphus

URL:	https://bugzilla.altlinux.org/show_bu...
Keywords:

Depends on:
Blocks:

Reported:	2008-08-08 12:33 MSD by solo
Modified:	2016-12-16 20:56 MSK (History)
CC List:	8 users (show)

See Also:

Attachments
magic (12.65 KB, text/plain) 2008-08-08 12:33 MSD, solo	no flags	Details
mime.types (28.74 KB, text/plain) 2008-08-08 12:34 MSD, solo	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description solo 2008-08-08 12:33:57 MSD

Created attachment 2771 [details]
magic

Наблюдается падение rpm --eval "$(cat <файл>) на файлах {mime.types,magic} из исходников apache (см. https://bugzilla.altlinux.org/show_bug.cgi?id=16623), со следующей диагностикой (rpm-4.0.4-alt96 в haser):

$ rpm --eval "$(cat magic)"
*** buffer overflow detected ***: rpm terminated
======= Backtrace: =========
/lib64/libc.so.6(__chk_fail+0x2f)[0x2b9185dedd1f]
/usr/lib64/librpmio-4.0.4.so(rpmExpand+0x66)[0x2b9186287a16]
rpm(parseSpec+0x5c9)[0x4026f1]
/lib64/libc.so.6(__libc_start_main+0xf4)[0x2b9185d3dcf4]
rpm(parseSpec+0xb1)[0x4021d9]
======= Memory map: ========
Aborted

  Диагностика rpm-4.0.4-alt95.M41.1 отличается:

$ rpm --eval $(cat magic)
#
rpm: за один раз может быть исполнен только один тип проверки или запроса
[solo@notesol conf]$ rpm --eval "$(cat magic)"
*** buffer overflow detected ***: rpm terminated
======= Backtrace: =========
/lib64/libc.so.6(__chk_fail+0x2f)[0x7f05a27f0d1f]
/usr/lib64/librpmio-4.0.4.so(rpmExpand+0x66)[0x7f05a22c9a16]
rpm(parseSpec+0x5c9)[0x4026f1]
/lib64/libc.so.6(__libc_start_main+0xf4)[0x7f05a2740cf4]
rpm(parseSpec+0xb1)[0x4021d9]
======= Memory map: ========
00400000-00405000 r-xp 00000000 fd:08 10363                              /usr/bin/rpm
00605000-00606000 rw-p 00005000 fd:08 10363                              /usr/bin/rpm
00606000-00647000 rw-p 00606000 00:00 0                                  [heap]
7f05a0f45000-7f05a0f52000 r-xp 00000000 03:05 259                        /lib64/libgcc_s.so.1
7f05a0f52000-7f05a1152000 ---p 0000d000 03:05 259                        /lib64/libgcc_s.so.1
7f05a1152000-7f05a1153000 rw-p 0000d000 03:05 259                        /lib64/libgcc_s.so.1
7f05a1153000-7f05a115a000 r-xp 00000000 03:05 234                        /lib64/librt-2.5.1.so
7f05a115a000-7f05a1359000 ---p 00007000 03:05 234                        /lib64/librt-2.5.1.so
7f05a1359000-7f05a135b000 rw-p 00006000 03:05 234                        /lib64/librt-2.5.1.so
7f05a135b000-7f05a1370000 r-xp 00000000 03:05 230                        /lib64/libpthread-2.5.1.so
7f05a1370000-7f05a156f000 ---p 00015000 03:05 230                        /lib64/libpthread-2.5.1.so
7f05a156f000-7f05a1570000 r--p 00014000 03:05 230                        /lib64/libpthread-2.5.1.so
7f05a1570000-7f05a1571000 rw-p 00015000 03:05 230                        /lib64/libpthread-2.5.1.so
7f05a1571000-7f05a1575000 rw-p 7f05a1571000 00:00 0 
7f05a1575000-7f05a158a000 r-xp 00000000 03:05 248                        /lib64/libz.so.1.2.3
7f05a158a000-7f05a178a000 ---p 00015000 03:05 248                        /lib64/libz.so.1.2.3
7f05a178a000-7f05a178b000 rw-p 00015000 03:05 248                        /lib64/libz.so.1.2.3
7f05a178b000-7f05a179a000 r-xp 00000000 03:05 573                        /lib64/libbz2.so.1.0.3
7f05a179a000-7f05a199a000 ---p 0000f000 03:05 573                        /lib64/libbz2.so.1.0.3
7f05a199a000-7f05a199b000 rw-p 0000f000 03:05 573                        /lib64/libbz2.so.1.0.3
7f05a199b000-7f05a19b4000 r-xp 00000000 fd:08 1158                       /usr/lib64/libbeecrypt.so.2.2.0
7f05a19b4000-7f05a1bb3000 ---p 00019000 fd:08 1158                       /usr/lib64/libbeecrypt.so.2.2.0
7f05a1bb3000-7f05a1bb8000 rw-p 00018000 fd:08 1158                       /usr/lib64/libbeecrypt.so.2.2.0
7f05a1bb8000-7f05a1bca000 r-xp 00000000 fd:08 27069                      /usr/lib64/libelf-0.131.so
7f05a1bca000-7f05a1dc9000 ---p 00012000 fd:08 27069                      /usr/lib64/libelf-0.131.so
7f05a1dc9000-7f05a1dcb000 rw-p 00011000 fd:08 27069                      /usr/lib64/libelf-0.131.so
7f05a1dcb000-7f05a1eb3000 r-xp 00000000 03:05 485                        /lib64/libdb-4.4.so
7f05a1eb3000-7f05a20b3000 ---p 000e8000 03:05 485                        /lib64/libdb-4.4.so
7f05a20b3000-7f05a20b6000 rw-p 000e8000 03:05 485                        /lib64/libdb-4.4.so
7f05a20b6000-7f05a20bf000 r-xp 00000000 03:05 470                        /lib64/libpopt.so.0.0.0
7f05a20bf000-7f05a22be000 ---p 00009000 03:05 470                        /lib64/libpopt.so.0.0.0
7f05a22be000-7f05a22bf000 rw-p 00008000 03:05 470                        /lib64/libpopt.so.0.0.0
7f05a22bf000-7f05a22fb000 r-xp 00000000 fd:08 31674                      /usr/lib64/librpmio-4.0.4.so
7f05a22fb000-7f05a24fa000 ---p 0003c000 fd:08 31674                      /usr/lib64/librpmio-4.0.4.so
7f05a24fa000-7f05a24fc000 rw-p 0003b000 fd:08 31674                      /usr/lib64/librpmio-4.0.4.so
7f05a24fc000-7f05a2502000 rw-p 7f05a24fc000 00:00 0 
7f05a2502000-7f05a2520000 r-xp 00000000 fd:08 31673                      /usr/lib64/librpmdb-4.0.4.so
7f05a2520000-7f05a2720000 ---p 0001e000 fd:08 31673                      /usr/lib64/librpmdb-4.0.4.so
7f05a2720000-7f05a2723000 rw-p 0001e000 fd:08 31673                      /usr/lib64/librpmdb-4.0.4.so
7f05a2723000-7f05a2854000 r-xp 00000000 03:05 216                        /lib64/libc-2.5.1.so
7f05a2854000-7f05a2a54000 ---p 00131000 03:05 216                        /lib64/libc-2.5.1.so
7f05a2a54000-7f05a2a57000 r--p 00131000 03:05 216                        /lib64/libc-2.5.1.so
7f05a2a57000-7f05a2a59000 rw-p 00134000 03:05 216                        /lib64/libc-2.5.1.so
7f05a2a59000-7f05a2a5e000 rw-p 7f05a2a59000 00:00 0 
7f05a2a5e000-7f05a2a7f000 r-xp 00000000 fd:08 31685                      /usr/lib64/librpmbuild-4.0.4.so
7f05a2a7f000-7f05a2c7f000 ---p 00021000 fd:08 31685                      /usr/lib64/librpmbuild-4.0.4.so
7f05a2c7f000-7f05a2c82000 rw-p 00021000 fd:08 31685                      /usr/lib64/librpmbuild-4.0.4.so
7f05a2c82000-7f05a2c90000 rw-p 7f05a2c82000 00:00 0 
7f05a2c90000-7f05a2ccc000 r-xp 00000000 fd:08 10348                      /usr/lib64/librpm-4.0.4.so
7f05a2ccc000-7f05a2ecb000 ---p 0003c000 fd:08 10348                      /usr/lib64/librpm-4.0.4.so
7f05a2ecb000-7f05a2ecf000 rw-p 0003b000 fd:08 10348                      /usr/lib64/librpm-4.0.4.so
7f05a2ecf000-7f05a2ee8000 r-xp 00000000 03:05 210                        /lib64/ld-2.5.1.so
7f05a2fbb000-7f05a2ff6000 r--p 00000000 fd:08 22072                      /usr/lib64/locale/ru_RU.utf8/LC_CTYPE
7f05a2ff6000-7f05a30ce000 r--p 00000000 fd:08 10985                      /usr/lib64/lАварийный останов

Comment 1 solo 2008-08-08 12:34:56 MSD

Created attachment 2772 [details]
mime.types

Comment 2 Dmitry V. Levin 2008-08-29 16:46:11 MSD

(In reply to comment #0)
> Created an attachment (id=2771) [details]
> magic
> 
> Наблюдается падение rpm --eval "$(cat <файл>) на файлах {mime.types,magic} из исходников apache
> (см. https://bugzilla.altlinux.org/show_bug.cgi?id=16623), со следующей диагностикой (rpm-4.0.4-alt96 в haser):
> 
> $ rpm --eval "$(cat magic)"
> *** buffer overflow detected ***: rpm terminated

Файл слишком большой, наверное.

Comment 3 Jeff Johnson 2012-01-02 19:41:45 MSK

tracked at https://bugs.launchpad.net/rpm/+bug/910883

Comment 4 Gleb F-Malinovskiy 2016-12-16 20:56:51 MSK

rpm-4.13.0 c этим справляется.