[Reproducible-commits] [dpkg] 07/24: dpkg: Fix off-by-one array allocation
Niko Tyni
ntyni at moszumanska.debian.org
Tue May 3 21:38:22 UTC 2016
This is an automated email from the git hooks/post-receive script.
ntyni pushed a commit to branch ntyni/reproducible_builds
in repository dpkg.
commit 776bbabb4533d9d48c6356744839e10338ace2b8
Author: Guillem Jover <guillem at debian.org>
Date: Tue May 3 19:15:01 2016 +0200
dpkg: Fix off-by-one array allocation
We need two entries more than the current nfiles, one for the next one
and one for the final NULL.
---
debian/changelog | 2 ++
src/archives.c | 2 +-
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/debian/changelog b/debian/changelog
index 99e9a40..dc5e97a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,8 @@ dpkg (1.18.6) UNRELEASED; urgency=medium
files in the filesystem as «pathname».dpkg-new after configuration
and without traces of the files in the dpkg database. Closes: #823288
* Use m_strdup() instead of strdup() in dpkg recursive installation code.
+ * Fix off-by-one array allocation in dpkg recursive installation code that
+ can cause segfaults.
* Packaging:
- Bump Standards-Version to 3.9.8 (no changes needed).
diff --git a/src/archives.c b/src/archives.c
index 44753bd..fa64d0c 100644
--- a/src/archives.c
+++ b/src/archives.c
@@ -1482,7 +1482,7 @@ archivefiles(const char *const *argv)
if (strcmp(nodename + strlen(nodename) - 4, ".deb") != 0)
continue;
- arglist = m_realloc(arglist, sizeof(char *) * (nfiles + 1));
+ arglist = m_realloc(arglist, sizeof(char *) * (nfiles + 2));
arglist[nfiles++] = m_strdup(nodename);
}
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/reproducible/dpkg.git
More information about the Reproducible-commits
mailing list