Bug 25543

Summary: pkg_info dumps core
Product: Base System
Reporter: colle <colle>
Component: bin
Assignee: freebsd-bugs (Nobody) <bugs>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Unspecified   
Hardware: Any   
OS: Any   

Description colle 2001-03-05 14:40:01 UTC
Adding a package (with /stand/sysinstall or pkg_add) fails because
the subprocess pkg_info dumps core.

The stacktrace is:
bash-2.04# gdb /usr/sbin/pkg_info.bad  /var/tmp/instmp.9kfRWV/pkg_info.bad.core 
GNU gdb 4.18
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-unknown-freebsd"...
(no debugging symbols found)...
Core was generated by `pkg_info.bad'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/lib/libfetch.so.2...(no debugging symbols found)...
done.
Reading symbols from /usr/lib/libmd.so.2...(no debugging symbols found)...done.
Reading symbols from /usr/lib/libc.so.5...(no debugging symbols found)...done.
Reading symbols from /usr/libexec/ld-elf.so.1...(no debugging symbols found)...
done.
#0  0x280f60fe in __vfprintf () from /usr/lib/libc.so.5
(gdb) $b
Undefined command: "".  Try "help".
(gdb) ba
#0  0x280f60fe in __vfprintf () from /usr/lib/libc.so.5
#1  0x280f04e7 in snprintf () from /usr/lib/libc.so.5
#2  0x8049a70 in free ()
#3  0x80499e6 in free ()
#4  0x8049699 in free ()

The command to generate the core is:
bash-2.04# ktrace -i pkg_add -v ~colle/mod_php4-4.0.4pl1.tgz 
Requested space: 1480852 bytes, free space: 17775616 bytes in /var/tmp/instmp.9kfRWV
Package `mod_php4-4.0.4pl1' depends on `mysql-client-3.23.33'.
Segmentation fault - core dumped
pkg_add: could not find package mysql-client-3.23.33 !
Package `mod_php4-4.0.4pl1' depends on `apache-1.3.17_1'.
Segmentation fault - core dumped
pkg_add: could not find package apache-1.3.17_1 !

Fix:

Temp fix: replace pkg_info with pkg_info from FBSD4,
and FBSD 5 flies again.

How-To-Repeat: pkg_add mod_php4-4.0.4pl1.tgz
Comment 1 colle 2001-03-05 15:05:09 UTC
The core dump is due to accessing uninitialized memory:

pkg_perform(char **pkgs)
{
    char **matched;
    char *tmp;
    int err_cnt = 0;
    int i, errcode;

    signal(SIGINT, cleanup);

    /* Overriding action? */
    if (CheckPkg) {
        char buf[FILENAME_MAX];

        snprintf(buf, FILENAME_MAX, "%s/%s", tmp, CheckPkg);
        return abs(access(buf, R_OK));
        /* Not reached */
    }




The variable tmp is never initialised.
Add the following line:
        tmp = getenv(PKG_DBDIR)?getenv(PKG_DBDIR):DEF_LOG_DIR;

so the code looks like:

pkg_perform(char **pkgs)
{
    char **matched;
    char *tmp;
    int err_cnt = 0;
    int i, errcode;

    signal(SIGINT, cleanup);

    /* Overriding action? */
    if (CheckPkg) {
        char buf[FILENAME_MAX];
        tmp = getenv(PKG_DBDIR)?getenv(PKG_DBDIR):DEF_LOG_DIR;

        snprintf(buf, FILENAME_MAX, "%s/%s", tmp, CheckPkg);
        return abs(access(buf, R_OK));
        /* Not reached */
    }



Now it flies again....


Christophe Colle

     | \       =============================================================  
     |  \      Colle Christophe                    Phone: +32-(0)3-886.39.83
     |   \     mail: colle@krtkg1.rug.ac.be   http://krtkg1.rug.ac.be/~colle
     +-----          
     |
 ----------+   When I'm in Ghent, then I'm probably at Anouk's place..
  \________|   =======     Radiotherapy Department, Ghent      =============
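
Added example, not part of the original report and not FreeBSD's perform.c: the CheckPkg path construction from Comment 1 written so the directory pointer is always initialised before snprintf() sees it, with getenv() called once and truncation checked. The helper names, the values given to PKG_DBDIR and DEF_LOG_DIR, and the choice to treat an empty variable as unset are assumptions made for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Assumed values for this example; the report shows the macro names only. */
#define PKG_DBDIR   "PKG_DBDIR"
#define DEF_LOG_DIR "/var/db/pkg"

/* Resolve the package database directory: environment override, else default.
 * getenv() is called once, so the pointer tested is the pointer returned. */
static const char *
pkg_dbdir(void)
{
    const char *dir = getenv(PKG_DBDIR);

    return (dir != NULL && strlen(dir) > 0) ? dir : DEF_LOG_DIR;
}

/* Build "<dbdir>/<pkg>" into buf. Returns 0 on success, -1 on a bad
 * argument or when the result does not fit (snprintf truncation). */
static int
build_check_path(char *buf, size_t len, const char *pkg)
{
    int n;

    if (buf == NULL || len == 0 || pkg == NULL)
        return -1;
    n = snprintf(buf, len, "%s/%s", pkg_dbdir(), pkg);
    return (n < 0 || (size_t)n >= len) ? -1 : 0;
}

/* Counterpart of the CheckPkg branch: 0 if the entry is readable,
 * 1 if it is not, 2 if the path could not be built. */
static int
check_pkg(const char *pkg)
{
    char buf[FILENAME_MAX];

    if (build_check_path(buf, sizeof(buf), pkg) != 0)
        return 2;
    return abs(access(buf, R_OK));
}

int
main(int argc, char **argv)
{
    return check_pkg(argc > 1 ? argv[1] : "mysql-client-3.23.33");
}
```

Compiling the original function with GCC or Clang and -Wall is a cheap way to catch this class of bug early, since both can warn when a local such as tmp is read before it is assigned.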
Comment 2 rooneg 2001-03-11 19:57:38 UTC
This has been fixed.  Revision 1.36 of perform.c puts these lines back in, so
this pr should be closed.

-- 
garrett rooney                        Unix was not designed to stop you from 
rooneg@electricjellyfish.net          doing stupid things, because that would  
http://electricjellyfish.net/         stop you from doing clever things.
Comment 3 Kris Kennaway freebsd_committer freebsd_triage 2001-03-12 00:14:11 UTC
State Changed
From-To: open->closed

Problem resolved