Bug 491410 - dev-lang/python-exec-2.0 - python-exec2-c should initialize local char array
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Development
Hardware: All Linux
Importance: Normal normal
Assignee: Python Gentoo Team
Reported: 2013-11-16 15:00 UTC by Naohiro Aota
Modified: 2013-11-16 23:03 UTC

Attachments
build.log (build.log,6.67 KB, text/x-log)
2013-11-16 16:37 UTC, Naohiro Aota

Description Naohiro Aota gentoo-dev 2013-11-16 15:00:31 UTC
python-exec2-c on Gentoo/FreeBSD fails with:

# /usr/lib/python-exec/python-exec2-c /usr/bin/flaggie 
 (: No such file or directorytat symlink at /usr/bin/flaggie<0¸

Notice the path is corrupted.

src/python-exec-c.c main()'s "char buf[BUFFER_SIZE]" is uninitialized, so the above problem occurs.
Comment 1 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2013-11-16 15:18:56 UTC
Please attach the python-exec:2 build log.

The buffer is initialized in the first loop iteration:

        if (!symlink_resolution)
            memcpy(buf, script, len);

I have no idea why it doesn't do that for you...
Comment 2 Naohiro Aota gentoo-dev 2013-11-16 16:37:55 UTC
Created attachment 363372
build.log
Comment 3 Naohiro Aota gentoo-dev 2013-11-16 16:42:24 UTC
(In reply to Michał Górny from comment #1)
> Please attach the python-exec:2 build log.
> 
> The buffer is initialized in the first loop iteration:
> 
>         if (!symlink_resolution)
>             memcpy(buf, script, len);

This is omitting the last "\0". It should be "len + 1", shouldn't it?
Comment 4 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2013-11-16 17:27:45 UTC
(In reply to Naohiro Aota from comment #3)
> (In reply to Michał Górny from comment #1)
> > Please attach the python-exec:2 build log.
> > 
> > The buffer is initialized in the first loop iteration:
> > 
> >         if (!symlink_resolution)
> >             memcpy(buf, script, len);
> 
> This is omitting last "\0". It should be "len + 1", shouldn't it?

Oh my, what a stupid mistake :). Just to be sure, could you confirm that adding '+1' there fixes the issue for you?
Comment 5 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2013-11-16 19:20:32 UTC
Confirmed and committed as 0fc20f7. I will add some more debug and release afterwards.
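
The off-by-one discussed in comments 1 to 4, as an added example that is not python-exec's own code: copying `len` bytes leaves whatever was already in the buffer after the path, while `len + 1` carries the terminator across. The `BUFFER_SIZE` value, the helper names, the bounds check and the `'X'` fill standing in for stale stack contents are assumptions made for the demonstration.

```c
#include <stdio.h>
#include <string.h>

#define BUFFER_SIZE 64 /* assumed value; the page does not give the real one */

/* The copy quoted in comment 1: len bytes, so the "\0" is left behind. */
static void copy_without_nul(char *buf, const char *script, size_t len)
{
    memcpy(buf, script, len);
}

/* The "len + 1" copy from comment 3; the bounds check is added for this example. */
static int copy_with_nul(char *buf, size_t bufsize, const char *script, size_t len)
{
    if (len >= bufsize)
        return -1; /* no room for the path plus its terminator */
    memcpy(buf, script, len + 1);
    return 0;
}

/* Returns the string length that later string functions would see in buf. */
static size_t visible_len_after(int fixed, const char *script)
{
    char buf[BUFFER_SIZE];
    size_t len = strlen(script);

    /* Constructed stand-in for stale stack bytes, so the run is deterministic. */
    memset(buf, 'X', sizeof(buf) - 1);
    buf[sizeof(buf) - 1] = '\0';

    if (len >= sizeof(buf))
        return 0;
    if (fixed)
        copy_with_nul(buf, sizeof(buf), script, len);
    else
        copy_without_nul(buf, script, len);
    return strlen(buf);
}

int main(void)
{
    const char *script = "/usr/bin/flaggie";
    printf("path length:          %zu\n", strlen(script));
    printf("seen after len copy:  %zu\n", visible_len_after(0, script));
    printf("seen after len + 1:   %zu\n", visible_len_after(1, script));
    return 0;
}
```

With a truly uninitialized buffer the trailing bytes are arbitrary, which is why the symptom can appear on one platform and not on another.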
Comment 6 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2013-11-16 23:03:07 UTC
+  16 Nov 2013; Michał Górny <mgorny@gentoo.org> +python-exec-2.0.1.ebuild:
+  Version bump. Fix unitialized memory access, bug #491410.
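
Review bot: "unitialized" in the second added line is a typo for "uninitialized". The entry would also be easier to trace later if it named the defect discussed in this bug, the memcpy into buf that copied len bytes and so omitted the terminating "\0".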