[Reproducible-commits] [dpkg] 17/25: libdpkg: Fix off-by-one error in command argv size calculation

[Holger Levsen]

This is an automated email from the git hooks/post-receive script.

holger pushed a commit to annotated tag 1.16.16
in repository dpkg.

commit f8204c3a4090ef6f23e300046177786150807442
Author: Guillem Jover <guillem at debian.org>
Date:   Fri Sep 26 01:21:56 2014 +0200

    libdpkg: Fix off-by-one error in command argv size calculation
    
    Cherry picked from commit 9b9acf81bac908889d0db3631c53277329bafb80.
    
    We need a ghost byte for the terminating NUL character, so add it up
    to the requested needed bytes.
    
    Closes: #760690
    
    Warned-by: valgrind
    Based-on-patch-by: Bálint Réczey <balint at balintreczey.hu>
---
 debian/changelog   | 2 ++
 lib/dpkg/command.c | 3 +++
 2 files changed, 5 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 5e64b36..21ad2eb 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -22,6 +22,8 @@ dpkg (1.16.15+nmu1) UNRELEASED; urgency=low
   * Add a workaround to start-stop-daemon for bogus OpenVZ Linux kernels that
     prepend, instead of appending, the " (deleted)" marker in /proc/PID/exe.
     Closes: #731530
+  * Fix off-by-one error in libdpkg command argv size calculation.
+    Based on a patch by Bálint Réczey <balint at balintreczey.hu>. Closes: #760690
 
   [ Updated scripts translations ]
   * Fix typos in German (Helge Kreutzmann)
diff --git a/lib/dpkg/command.c b/lib/dpkg/command.c
index 56fd700..859f8a1 100644
--- a/lib/dpkg/command.c
+++ b/lib/dpkg/command.c
@@ -77,6 +77,9 @@ command_destroy(struct command *cmd)
 static void
 command_grow_argv(struct command *cmd, int need)
 {
+	/* We need a ghost byte for the NUL character. */
+	need++;
+
 	/* Check if we already have enough room. */
 	if ((cmd->argv_size - cmd->argc) >= need)
 		return;

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/reproducible/dpkg.git