Historical bug tracker for the Pacman package manager.
The pacman bug tracker has moved to gitlab:
https://gitlab.archlinux.org/pacman/pacman/-/issues
This tracker remains open for interaction with historical bugs during the transition period. Any new bugs reports will be closed without further action.
The pacman bug tracker has moved to gitlab:
https://gitlab.archlinux.org/pacman/pacman/-/issues
This tracker remains open for interaction with historical bugs during the transition period. Any new bugs reports will be closed without further action.
FS#24292 - ALPM segfaults when creating lock in non-existend db-path.
Attached to Project:
Pacman
Opened by Yaro Kasear (Yaro) - Sunday, 15 May 2011, 17:56 GMT
Last edited by Dan McGee (toofishes) - Wednesday, 01 June 2011, 18:04 GMT
Opened by Yaro Kasear (Yaro) - Sunday, 15 May 2011, 17:56 GMT
Last edited by Dan McGee (toofishes) - Wednesday, 01 June 2011, 18:04 GMT
|
DetailsSummary and Info:
ALPM causes a segfault when trying to create a lock in a directory that doesn't exist. This is not really a big problem as most package managers will either already have a directory ready or create one before starting any transactions with ALPM. Still, good practice would have alpm do some error checking for this condition before creating the lock file. Steps to Reproduce: 1. Set the db-path for ALPM to something that doesn't exist. 2. Initiate a transaction with ALPM. 3. Watch your program get a segmentation fault. |
This task depends upon
Closed by Dan McGee (toofishes)
Wednesday, 01 June 2011, 18:04 GMT
Reason for closing: Fixed
Additional comments about closing: commit 65c18807350b2b
Wednesday, 01 June 2011, 18:04 GMT
Reason for closing: Fixed
Additional comments about closing: commit 65c18807350b2b
$ ./src/pacman/pacman -Sy --dbpath /tmp/foo/bar
error: problem setting dbpath '/tmp/foo/bar' (could not find or read directory)
So the library throws an error at least when setting a DB path like this; however we shouldn't ever segfault later on if you continue unhindered. Did you get a backtrace? This could happen in a lot of places in theory so I'm not completely sure where we should be checking it for sanity.
The program I wrote was a very simple three-step affair:
#include <alpm.h>
int main ( int argc, char* argv[] )
{
alpm_initialize();
alpm_option_set_dbpath("/non/existant/path");
alpm_trans_init ( 0, NULL, NULL, NULL );
return 0;
}
Basically, init ALPM, set the db-path to something that doesn't exist, and simply try to place a lock like you would when, say, updating sync databases. In the package manager the segfault happened amidst a cast to a transaction flag defined in ALPM while the whole thing was being tested for success through an if(). In other words, the offending line was a PURE call to ALPM and nothing else.
So, that C program above was so I wouldn't regress my code but also to confirm it could happen in a clean C (Not C++, and also so we can be sure it's not in my project.) environment. Now, the stuff you'd like to see, Dan:
(gdb) run
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /home/yaro/projects/tmp/segfault
[Thread debugging using libthread_db enabled]
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff78d1541 in strlen () from /lib/libc.so.6
(gdb) backtrace
#0 0x00007ffff78d1541 in strlen () from /lib/libc.so.6
#1 0x00007ffff78d1296 in strdup () from /lib/libc.so.6
#2 0x00007ffff7bd22a5 in alpm_trans_init () from /usr/lib/libalpm.so.6
#3 0x00000000004006eb in main (argc=1, argv=0x7fffffffdd88) at main.c:7
I do have ALPM (And thus, pacman, too.) built with debug symbols, so I hope that's usable.
Is there any further thing you need?