[Bug 345564] Re: bug in chrpath option parsing
Petr Machata
pmachata at redhat.com
Mon Oct 22 13:23:10 UTC 2012
We got this in Fedora as well. There, it's easily reproducible by issuing chrpath --hep. Full details here:
https://bugzilla.redhat.com/show_bug.cgi?id=868611
** Bug watch added: Red Hat Bugzilla #868611
https://bugzilla.redhat.com/show_bug.cgi?id=868611
** Patch added: "chrpath-0.13-getopt_long.patch"
https://bugs.launchpad.net/ubuntu/+source/chrpath/+bug/345564/+attachment/3408838/+files/chrpath-0.13-getopt_long.patch
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to chrpath in Ubuntu.
https://bugs.launchpad.net/bugs/345564
Title:
bug in chrpath option parsing
Status in “chrpath” package in Ubuntu:
New
Bug description:
Binary package hint: chrpath
In package chrpath-0.13-2, in source file main.c at line 26, the long_options array should be terminated with a zeroed entry, as per getopt_long(3), but it is not.
This causes chrpath to crash if an unknown long option is specified.
On my system (ubuntu jaunty amd64) the bug does not always show in the distributed binary because (by luck) some null bytes happen to follow the array in the compiled image, but the executable will crash if you specify a "forged" option such as:
chrpath --$(printf "\206 \255\373")
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chrpath/+bug/345564/+subscriptions
More information about the foundations-bugs
mailing list