Created attachment 539938 [details, diff] fix buffer underread in portage-utils There's a memory safety violation in the portage-utils main.c. This will lead to a crash with memory safety tools like asan. The problem is in this line: if ((*var->value.s)[var->value_len - 1] != '/') { var->value_len can have the value 0, which will cause an access to the array index -1, which is then pointing outside the allocated buffer. Catching the special case of var->value_len == 0 should fix this, see attached patch.
Thanks, pushed to master
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=86b8e521983302545dea5c39c5a325d08c635837 commit 86b8e521983302545dea5c39c5a325d08c635837 Author: Fabian Groffen <grobian@gentoo.org> AuthorDate: 2018-08-01 13:53:47 +0000 Commit: Fabian Groffen <grobian@gentoo.org> CommitDate: 2018-08-01 13:53:47 +0000 app-portage/portage-utils: version bump to v0.73 Closes: https://bugs.gentoo.org/661762 Closes: https://bugs.gentoo.org/661474 Closes: https://bugs.gentoo.org/660508 Package-Manager: Portage-2.3.40, Repoman-2.3.9 app-portage/portage-utils/Manifest | 2 +- .../{portage-utils-0.71.ebuild => portage-utils-0.73.ebuild} | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)
