From: Ken Brown <kbrown@cornell.edu>
To: cygwin-apps@cygwin.com
Subject: Re: [PATCH setup 00/14] Use libsolv, solve all our problems... (WIP)
Date: Tue, 17 Oct 2017 12:45:00 -0000 [thread overview]
Message-ID: <003a8566-ad2b-a962-725a-4384fd5e4c64@cornell.edu> (raw)
In-Reply-To: <fcdf1a15-a5b8-37bd-f5de-d77a3be74aae@cornell.edu>
[-- Attachment #1: Type: text/plain, Size: 739 bytes --]
On 10/10/2017 7:18 AM, Ken Brown wrote:
> On 9/29/2017 4:33 PM, Ken Brown wrote:
>> I'll resume my testing after I return.
>
> I've just started testing (based on the current HEAD of topic/libsolv),
> and so far everything looks good.
I came across a situation where a SolvableVersion method was being
called on a trivial object (with pool and id both 0). This caused a
crash when pool_id2solvable(pool, id) was called and pool was
dereferenced. There's probably a bug that led to this situation. [It
involved a local install in which a package was listed in two different
setup.ini files, but the tarballs existed only in one.] I plan to
investigate this further. But in any case, we shouldn't crash. Patch
attached.
Ken
[-- Attachment #2: 0001-Avoid-dereferencing-NULL-pointers.patch --]
[-- Type: text/plain, Size: 2684 bytes --]
From f3b3c60ed473a1ef4e5b1ae5fcd1bfc46a6210fb Mon Sep 17 00:00:00 2001
From: Ken Brown <kbrown@cornell.edu>
Date: Tue, 17 Oct 2017 08:12:48 -0400
Subject: [PATCH] Avoid dereferencing NULL pointers
The libsolv function pool_id2solvable unconditionally dereferences its
first argument ('pool'). Callers must check that this argument is
non-NULL to avoid crashes.
---
libsolv.cc | 16 +++++++++++++++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/libsolv.cc b/libsolv.cc
index 78e73a8..3a244d4 100644
--- a/libsolv.cc
+++ b/libsolv.cc
@@ -75,6 +75,8 @@ RelId2Operator(Id id)
const std::string
SolvableVersion::Name () const
{
+ if (!pool)
+ return "";
Solvable *solvable = pool_id2solvable(pool, id);
return std::string(pool_id2str(pool, solvable->name));
}
@@ -82,6 +84,8 @@ SolvableVersion::Name () const
const std::string
SolvableVersion::Canonical_version() const
{
+ if (!pool)
+ return "";
Solvable *solvable = pool_id2solvable(pool, id);
return std::string(pool_id2str(pool, solvable->evr));
}
@@ -89,6 +93,8 @@ SolvableVersion::Canonical_version() const
package_type_t
SolvableVersion::Type () const
{
+ if (!pool)
+ return package_binary;
Solvable *solvable = pool_id2solvable(pool, id);
if (solvable->arch == ARCH_SRC)
return package_source;
@@ -112,6 +118,9 @@ SolvableVersion::obsoletes() const
const PackageDepends
SolvableVersion::deplist(Id keyname) const
{
+ static PackageDepends empty_package;
+ if (!pool)
+ return empty_package;
Solvable *solvable = pool_id2solvable(pool, id);
Queue q;
@@ -147,13 +156,14 @@ SolvableVersion::deplist(Id keyname) const
}
// otherwise, return an empty depends list
- static PackageDepends empty_package;
return empty_package;
}
const std::string
SolvableVersion::SDesc () const
{
+ if (!pool)
+ return "";
Solvable *solvable = pool_id2solvable(pool, id);
const char *sdesc = repo_lookup_str(solvable->repo, id, SOLVABLE_SUMMARY);
return sdesc;
@@ -197,6 +207,8 @@ SolvableVersion::sourcePackage () const
void
SolvableVersion::fixup_spkg_id (SolvableVersion spkg_id) const
{
+ if (!pool)
+ return;
Solvable *solvable = pool_id2solvable(pool, id);
Repodata *data = repo_last_repodata(solvable->repo);
Id handle = id;
@@ -237,6 +249,8 @@ SolvableVersion::accessible () const
package_stability_t
SolvableVersion::Stability () const
{
+ if (!pool)
+ return TRUST_UNKNOWN;
Solvable *solvable = pool_id2solvable(pool, id);
Id stability_attr = pool_str2id(pool, "solvable:stability", 1);
return (package_stability_t)repo_lookup_num(solvable->repo, id, stability_attr, TRUST_UNKNOWN);
--
2.14.2
next prev parent reply other threads:[~2017-10-17 12:45 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-31 10:53 Jon Turney
2017-05-31 10:53 ` [PATCH setup 04/14] Hoist pick() up to packagemeta Jon Turney
2017-05-31 10:53 ` [PATCH setup 05/14] Hoist uninstall up to Installer::uninstallOne() Jon Turney
2017-05-31 10:53 ` [PATCH setup 03/14] Hoist addScript() etc. up from packageversion to packagemeta Jon Turney
2017-05-31 10:53 ` [PATCH setup 01/14] Opaque how PackageDepends is stored Jon Turney
2017-05-31 10:53 ` [PATCH setup 02/14] Factor out reading installed.db Jon Turney
2017-05-31 10:57 ` [PATCH setup 08/14] Change to using a libsolv pool for storing package information Jon Turney
2017-05-31 10:57 ` [PATCH setup 09/14] Remove cygpackage class Jon Turney
2017-05-31 10:57 ` [PATCH setup 10/14] Remove packageversion class Jon Turney
2017-05-31 10:57 ` [PATCH setup 06/14] Hoist scan() up from packageversion to packagemeta Jon Turney
2017-05-31 10:57 ` [PATCH setup 07/14] Store package stability in class packageversion Jon Turney
2017-05-31 11:05 ` [PATCH setup 11/14] Drop in SolvableVersion as a replacement for packageversion Jon Turney
2017-05-31 11:05 ` [PATCH setup 12/14] Use solver to check for problems and produce a list of package transactions Jon Turney
2017-05-31 11:05 ` [PATCH setup 13/14] Download/checksum/install/uninstall what transaction wants Jon Turney
2017-05-31 11:05 ` [PATCH setup 14/14] Add obsoletes: support Jon Turney
2017-08-29 13:37 ` [PATCH setup 00/14] Use libsolv, solve all our problems... (WIP) Ken Brown
2017-08-30 21:47 ` Ken Brown
2017-09-01 15:01 ` Ken Brown
2017-09-02 16:57 ` Ken Brown
2017-09-05 13:34 ` Jon Turney
2017-09-05 18:40 ` Achim Gratz
2017-09-06 2:52 ` Ken Brown
2017-11-23 18:10 ` Jon Turney
2017-11-23 20:32 ` Ken Brown
2017-11-23 20:54 ` Achim Gratz
2017-09-08 18:54 ` Ken Brown
2017-09-11 20:40 ` Ken Brown
2017-09-13 19:17 ` Achim Gratz
2017-09-13 21:16 ` Ken Brown
2017-09-14 17:26 ` Achim Gratz
2017-09-14 20:46 ` Ken Brown
2017-09-15 19:24 ` Jon Turney
2017-09-16 16:21 ` Ken Brown
2017-09-19 12:24 ` Ken Brown
2017-09-19 16:46 ` Jon Turney
2017-09-19 16:58 ` Ken Brown
2017-12-05 14:32 ` Jon Turney
2017-12-05 17:36 ` Ken Brown
2017-12-13 17:31 ` Ken Brown
2017-12-13 18:06 ` Achim Gratz
2017-12-13 22:31 ` Ken Brown
2017-12-14 14:12 ` Ken Brown
2017-12-24 15:00 ` Ken Brown
2018-01-09 13:25 ` Jon Turney
2018-01-09 15:37 ` Ken Brown
2018-01-09 15:49 ` Ken Brown
2018-01-13 14:14 ` Jon Turney
2018-01-13 19:56 ` Ken Brown
2018-01-13 21:29 ` Brian Inglis
2018-01-13 22:55 ` Ken Brown
2018-01-14 0:00 ` Ken Brown
2018-01-14 1:52 ` Brian Inglis
2018-01-14 2:37 ` Ken Brown
2018-01-15 19:02 ` Jon Turney
2018-01-15 21:50 ` Ken Brown
2018-01-18 19:14 ` Jon Turney
2017-09-15 15:15 ` Jon Turney
2017-09-15 16:53 ` Ken Brown
2017-09-15 20:56 ` cyg Simple
2017-09-17 16:02 ` Ken Brown
2017-09-26 14:50 ` Jon Turney
2017-09-26 16:07 ` Ken Brown
2017-09-27 19:14 ` Jon Turney
2017-09-27 20:33 ` Ken Brown
2017-09-29 17:38 ` Jon Turney
2017-09-29 20:34 ` Ken Brown
2017-10-02 14:07 ` Jon Turney
2017-10-02 15:17 ` Marco Atzeri
2017-10-04 14:43 ` Jon Turney
2017-10-10 11:18 ` Ken Brown
2017-10-10 15:49 ` Jon Turney
2017-10-17 12:45 ` Ken Brown [this message]
2017-10-17 18:47 ` Jon Turney
2017-10-18 15:28 ` Ken Brown
2017-10-18 15:57 ` Ken Brown
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=003a8566-ad2b-a962-725a-4384fd5e4c64@cornell.edu \
--to=kbrown@cornell.edu \
--cc=cygwin-apps@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).