fixes invalid read and probable invalid free
- release 3
==5349== Invalid read of size 4
==5349== at 0x40DAAF2: poptFreeItems (popt.c:1777)
==5349== by 0x40DABAD: poptFreeContext (popt.c:1794)
==5349== by 0x80719D5: parse_arguments (options.c:1406)
==5349== by 0x806938B: main (main.c:1574)
==5349== Address 0x44c9f0c is 0 bytes after a block of size 4 alloc'd
==5349== at 0x40335F6: malloc (vg_replace_malloc.c:299)
==5349== by 0x8065D8B: _new_array (util2.c:68)
==5349== by 0x80714C0: popt_unalias (options.c:1313)
==5349== by 0x8071649: parse_arguments (options.c:1360)
==5349== by 0x806938B: main (main.c:1574)
--- /dev/null
+--- popt-1.17/popt.c.orig 2014-08-09 22:13:11.000000000 +0200
++++ popt-1.17/popt.c 2018-12-08 09:41:33.241167491 +0100
+@@ -1774,7 +1774,7 @@
+ item->option.argDescrip = _free(item->option.argDescrip);
+ /*@=modobserver =observertrans =dependenttrans@*/
+ #if !defined(SUPPORT_CONTIGUOUS_ARGV)
+- for (i = 0; item->argv[i]; i++)
++ for (i = 0; (i < item->argc) && item->argv[i]; i++)
+ item->argv[i] = _free(item->argv[i]);
+ #endif
+ item->argv = _free(item->argv);
Summary(uk.UTF-8): Бібліотека C для розбору параметрів командної стрічки
Name: popt
Version: 1.17
-Release: 2
+Release: 3
License: X Consortium (MIT-like)
Group: Libraries
Source0: http://rpm5.org/files/popt/%{name}-%{version}.tar.gz
# Source0-md5: 7f98c657d35981d30dd372da5335c354
Patch0: %{name}-diet.patch
+Patch1: %{name}-alias-argc.patch
URL: http://rpm5.org/
BuildRequires: autoconf >= 2.57
BuildRequires: automake >= 1.4
%prep
%setup -q
%patch0 -p1
+%patch1 -p1
%{__sed} -i -e 's#po/Makefile.in intl/Makefile##g' configure.ac
projects / packages / popt.git / commitdiff