aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-segfault-with-append.patch
blob: 2043c890cde30dc3c8c65640bda00e59394b4bef (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
Upstream-Status: Submitted [bugs-cpio]
Signed-off-by: Ross Burton <ross.burton@intel.com>

From 3f0bd5a40ad0ceaee78c74a52a7166ed7f08db81 Mon Sep 17 00:00:00 2001
From: Pavel Raiskup <praiskup@redhat.com>
Date: Thu, 29 Nov 2018 07:03:48 +0100
Subject: [PATCH] Fix segfault with --append

The --append mode combines both process_copy_in() and
process_copy_out() methods, each of them working with different
(local) file_hdr->c_name buffers.  So ensure that
cpio_set_c_name() isn't using the same static variable for
maintaining length of different buffers.

Complements d36ec5f4e93130efb24fb9.  Thanks to Ross Burton.

* src/copyin.c (process_copy_in): Always initialize file_hdr.
* src/copyout.c (process_copy_out): Likewise.
* src/cpiohdr.h (cpio_file_stat): Add c_name_buflen variable.
* src/util.c (cpio_set_c_name): Use file_hdr->c_name_buflen.
---
 src/copyin.c  | 1 +
 src/copyout.c | 1 +
 src/cpiohdr.h | 1 +
 src/util.c    | 3 ++-
 4 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/copyin.c b/src/copyin.c
index ba887ae..767c2f8 100644
--- a/src/copyin.c
+++ b/src/copyin.c
@@ -1213,6 +1213,7 @@ process_copy_in ()
 
   newdir_umask = umask (0);     /* Reset umask to preserve modes of
 				   created files  */
+  memset (&file_hdr, 0, sizeof (struct cpio_file_stat));
   
   /* Initialize the copy in.  */
   if (pattern_file_name)
diff --git a/src/copyout.c b/src/copyout.c
index 7532dac..fb890cb 100644
--- a/src/copyout.c
+++ b/src/copyout.c
@@ -594,6 +594,7 @@ process_copy_out ()
 
   /* Initialize the copy out.  */
   ds_init (&input_name, 128);
+  memset (&file_hdr, 0, sizeof (struct cpio_file_stat));
   file_hdr.c_magic = 070707;
 
   /* Check whether the output file might be a tape.  */
diff --git a/src/cpiohdr.h b/src/cpiohdr.h
index 588135b..cf64f3e 100644
--- a/src/cpiohdr.h
+++ b/src/cpiohdr.h
@@ -127,6 +127,7 @@ struct cpio_file_stat /* Internal representation of a CPIO header */
   uint32_t c_chksum;
   char *c_name;
   char *c_tar_linkname;
+  size_t c_name_buflen;
 };
 
 void cpio_set_c_name(struct cpio_file_stat *file_hdr, char *name);
diff --git a/src/util.c b/src/util.c
index 10486dc..1256469 100644
--- a/src/util.c
+++ b/src/util.c
@@ -1413,7 +1413,7 @@ set_file_times (int fd,
 void
 cpio_set_c_name (struct cpio_file_stat *file_hdr, char *name)
 {
-  static size_t buflen = 0;
+  size_t buflen = file_hdr->c_name_buflen;
   size_t len = strlen (name) + 1;
 
   if (buflen == 0)
@@ -1430,6 +1430,7 @@ cpio_set_c_name (struct cpio_file_stat *file_hdr, char *name)
     }
 
   file_hdr->c_namesize = len;
+  file_hdr->c_name_buflen = buflen;
   memmove (file_hdr->c_name, name, len);
 }
 
-- 
2.11.0