pkg audit -F segfault

andrew clarke mail at ozzmosis.com
Thu Dec 12 18:07:18 UTC 2013


On Tue 2013-12-10 21:53:16 UTC-0500, Phil Stone (phil.stone at gmx.com) wrote:

> Hi,
> I've just installed pkg-1.2.3 on FreeBSD 8.4-RELEASE-p6.

It's also segfaulting on 9.2-RELEASE-p2 here.

I noticed the segfault in my syslog just now, since pkg audit -F is
run daily from /usr/local/etc/periodic/security/410.pkg-audit.
 
> Running the command "pkg audit -F" causes a segfault:
> # pkg audit -F
> Vulnxml file up-to-date.
> Segmentation fault (core dumped)
> #

(gdb) set args audit -F
(gdb) r
Starting program: /usr/ports/ports-mgmt/pkg/work/pkg-1.2.3/pkg/pkg audit -F
[New LWP 101360]
[New Thread 803407400 (LWP 101360/pkg)]
Vulnxml file up-to-date.

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 803407400 (LWP 101360/pkg)]
0x0000000800ddb130 in archive_read_free () from /usr/lib/libarchive.so.5
(gdb) bt
#0  0x0000000800ddb130 in archive_read_free () from /usr/lib/libarchive.so.5
#1  0x0000000000407772 in fetch_and_extract (src=0x803425070 "http://www.vuxml.org/freebsd/vuln.xml.bz2", 
    dest=0x7fffffffcfd0 "/var/db/pkg/vuln.xml", xml=true) at audit.c:211
#2  0x000000000040902e in exec_audit (argc=0, argv=0x7fffffffd530) at audit.c:882
#3  0x00000000004105b0 in main (argc=2, argv=0x7fffffffd520) at main.c:754

> Implementing the following patch solves the issue:
> --- audit_orig.c 2013-12-11 03:36:21.390625000 +0100
> +++ audit.c 2013-12-11 03:36:59.796875000 +0100
> @@ -206,9 +206,10 @@
>  
>         cleanup:
>         unlink(tmp);
> -       if (a != NULL)
> +       if (a != NULL) {
>                 archive_read_close(a);
>                 archive_read_free(a);
> +       }
>         if (fd >= 0)
>                 close(fd);
> 
> Thanks in advance for your help.
> Phil

Indeed, adding the erroneously missing braces fixes the problem here.

Thanks Phil,

Regards
Andrew


More information about the freebsd-ports mailing list