From matthias.andree@gmx.de  Mon Jun  1 15:58:07 2009
Return-Path: <matthias.andree@gmx.de>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A7C6B106566B
	for <FreeBSD-gnats-submit@freebsd.org>; Mon,  1 Jun 2009 15:58:07 +0000 (UTC)
	(envelope-from matthias.andree@gmx.de)
Received: from mail.gmx.net (mail.gmx.net [213.165.64.20])
	by mx1.freebsd.org (Postfix) with SMTP id EE69C8FC0C
	for <FreeBSD-gnats-submit@freebsd.org>; Mon,  1 Jun 2009 15:58:06 +0000 (UTC)
	(envelope-from matthias.andree@gmx.de)
Received: (qmail invoked by alias); 01 Jun 2009 15:58:05 -0000
Received: from unknown (EHLO mandree.no-ip.org) [85.183.208.172]
  by mail.gmx.net (mp056) with SMTP; 01 Jun 2009 17:58:05 +0200
Received: by merlin.emma.line.org (Postfix, from userid 51)
	id 515E494AEF; Mon,  1 Jun 2009 18:04:36 +0200 (CEST)
Received: from rho.emma.line.org (unknown [192.168.0.198])
	by merlin.emma.line.org (Postfix) with ESMTP id 633EF945C8
	for <FreeBSD-gnats-submit@freebsd.org>; Mon,  1 Jun 2009 13:22:52 +0200 (CEST)
Received: by rho.emma.line.org (Postfix, from userid 0)
	id 0A5B533C09; Mon,  1 Jun 2009 13:22:51 +0200 (CEST)
Message-Id: <20090601112252.0A5B533C09@rho.emma.line.org>
Date: Mon,  1 Jun 2009 13:22:51 +0200 (CEST)
From: matthias.andree@gmx.de
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: pkg_delete segfaults on empty @pkgdep lines 
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         135159
>Category:       bin
>Synopsis:       [patch] pkg_delete(1) segfaults on empty @pkgdep lines
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    portmgr
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jun 01 16:00:05 UTC 2009
>Closed-Date:    Wed May 28 15:01:22 UTC 2014
>Last-Modified:  Wed May 28 17:40:00 UTC 2014
>Originator:     Bourne-again Superuser
>Release:        FreeBSD 7.2-RELEASE i386
>Organization:
>Environment:
System: FreeBSD rho.emma.line.org 7.2-RELEASE FreeBSD 7.2-RELEASE #0: Mon Jun 1 01:31:01 CEST 2009 toor@rho:/usr/src/sys/i386/compile/GENERIC i386


	
>Description:
pkg_delete segfaults when deinstalling packages with a certain kind of
corruption in the +CONTENTS file. I am not sure where this problem originated,
(probably either portmaster or portupgrade),
but for sure pkg_delete should not segfault on any kind of corruption.

The segfault happens with and without -f option.

This happens in 7_STABLE as of 2009-06-01 as well as 7.2-RELEASE.
	
>How-To-Repeat:
(replace foobar by a package to be deleted)

echo '@pkgdep' >>/var/db/pkg/foobar/+CONTENTS
pkg_delete -f foobar

	
>Fix:

	


>Release-Note:
>Audit-Trail:

From: Mikolaj Golub <to.my.trociny@gmail.com>
To: bug-followup@FreeBSD.org,matthias.andree@gmx.de
Cc:  
Subject: Re: bin/135159: pkg_delete segfaults on empty @pkgdep lines
Date: Fri, 05 Jun 2009 10:39:18 +0300

 --=-=-=
 
 I see the fix in CURRENT for this problem:
 
 Tue May 19 14:26:41 2009 UTC (2 weeks, 2 days ago) by flz
 Branches: MAIN
 CVS tags: HEAD
 Diff to: previous 1.55: preferred, colored
 Changes since revision 1.55: +4 -0 lines
 
 SVN rev 192382 on 2009-05-19 14:26:41Z by flz
 
 Skip @pkgdep if there's no argument.
 
 Submitted by:	pav
 MFC after:	1 week
 
 But actually I don't like very much the solution. It fixes only this
 particular case with @pkgdep but leaves the same potential problems with other
 commands.
 
 We could fix this as it is proposed in the patch attached. I have added
 argument checking for the commands I was sure that they needed it but some
 other commands might need the check too.
 
 -- 
 Mikolaj Golub
 
 
 --=-=-=
 Content-Type: text/x-diff
 Content-Disposition: inline; filename=pkg_install.patch
 
 Index: lib/lib.h
 ===================================================================
 --- lib/lib.h	(revision 193485)
 +++ lib/lib.h	(working copy)
 @@ -39,6 +39,7 @@
  /* Macros */
  #define SUCCESS	(0)
  #define	FAIL	(-1)
 +#define	FAIL_ARGMISS	(-2)
  
  #ifndef TRUE
  #define TRUE	(1)
 Index: lib/plist.c
 ===================================================================
 --- lib/plist.c	(revision 193485)
 +++ lib/plist.c	(working copy)
 @@ -208,14 +208,23 @@
  	*arg = (char *)sp;
      if (!strcmp(cmd, "cwd"))
  	return PLIST_CWD;
 -    else if (!strcmp(cmd, "srcdir"))
 -	return PLIST_SRC;
 -    else if (!strcmp(cmd, "cd"))
 +    else if (!strcmp(cmd, "srcdir")) {
 +	if (**arg == '\0')
 +	    return FAIL_ARGMISS;
 +	else
 +	    return PLIST_SRC;
 +    } else if (!strcmp(cmd, "cd"))
  	return PLIST_CWD;
 -    else if (!strcmp(cmd, "exec"))
 -	return PLIST_CMD;
 -    else if (!strcmp(cmd, "unexec"))
 -	return PLIST_UNEXEC;
 +    else if (!strcmp(cmd, "exec")) {
 +	if (**arg == '\0')
 +	    return FAIL_ARGMISS;
 +	else
 +	    return PLIST_CMD;
 +    } else if (!strcmp(cmd, "unexec"))
 +	if (**arg == '\0')
 +	    return FAIL_ARGMISS;
 +	else
 +	    return PLIST_UNEXEC;
      else if (!strcmp(cmd, "mode"))
  	return PLIST_CHMOD;
      else if (!strcmp(cmd, "owner"))
 @@ -237,21 +246,42 @@
  	return PLIST_IGNORE;
      else if (!strcmp(cmd, "ignore_inst"))
  	return PLIST_IGNORE_INST;
 -    else if (!strcmp(cmd, "name"))
 -	return PLIST_NAME;
 -    else if (!strcmp(cmd, "display"))
 -	return PLIST_DISPLAY;
 -    else if (!strcmp(cmd, "pkgdep"))
 -	return PLIST_PKGDEP;
 -    else if (!strcmp(cmd, "conflicts"))
 -	return PLIST_CONFLICTS;
 -    else if (!strcmp(cmd, "mtree"))
 -	return PLIST_MTREE;
 -    else if (!strcmp(cmd, "dirrm"))
 -	return PLIST_DIR_RM;
 -    else if (!strcmp(cmd, "option"))
 -	return PLIST_OPTION;
 -    else
 +    else if (!strcmp(cmd, "name")) {
 +	if (**arg == '\0')
 +	    return FAIL_ARGMISS;
 +	else
 +	    return PLIST_NAME;
 +    } else if (!strcmp(cmd, "display")) {
 +	if (**arg == '\0')
 +	    return FAIL_ARGMISS;
 +	else
 +	    return PLIST_DISPLAY;
 +    } else if (!strcmp(cmd, "pkgdep")) {
 +	if (**arg == '\0')
 +	    return FAIL_ARGMISS;
 +	else
 +	    return PLIST_PKGDEP;
 +    } else if (!strcmp(cmd, "conflicts")) {
 +	if (**arg == '\0')
 +	    return FAIL_ARGMISS;
 +	else
 +	    return PLIST_CONFLICTS;
 +    } else if (!strcmp(cmd, "mtree")) {
 +	if (**arg == '\0')
 +	    return FAIL_ARGMISS;
 +	else
 +	    return PLIST_MTREE;
 +    } else if (!strcmp(cmd, "dirrm")) {
 +	if (**arg == '\0')
 +	    return FAIL_ARGMISS;
 +	else
 +	    return PLIST_DIR_RM;
 +    } else if (!strcmp(cmd, "option")) {
 +	if (**arg == '\0')
 +	    return FAIL_ARGMISS;
 +	else
 +	    return PLIST_OPTION;
 +    } else
  	return FAIL;
  }
  
 @@ -283,12 +313,14 @@
  		__func__, pline);
  	    goto bottom;
  	}
 +	if (cmd == FAIL_ARGMISS) {
 +	    warnx("%s: command '%s': required argument is missed, ignoring",
 +		__func__, pline);
 +	    cmd = FAIL;
 +	    goto bottom;
 +	}
  	if (*cp == '\0') {
  	    cp = NULL;
 -	    if (cmd == PLIST_PKGDEP) {
 -		warnx("corrupted record (pkgdep line without argument), ignoring");
 -		cmd = FAIL;
 -	    }
  	    goto bottom;
  	}
  	if (cmd == PLIST_COMMENT && sscanf(cp, "PKG_FORMAT_REVISION:%d.%d\n",
 
 --=-=-=--
Responsible-Changed-From-To: freebsd-bugs->portmgr 
Responsible-Changed-By: vwe 
Responsible-Changed-When: Wed Mar 10 12:30:46 UTC 2010 
Responsible-Changed-Why:  
this is portmgr land 
please note, the fix might not be enough to catch all problems. 
recently on 7-stable I've seen empty @pkgdep lines and the dependency on the next line 

http://www.freebsd.org/cgi/query-pr.cgi?pr=135159 
State-Changed-From-To: open->closed 
State-Changed-By: bapt 
State-Changed-When: Wed May 28 15:01:22 UTC 2014 
State-Changed-Why:  
pkg_install is not being worked on anymore 

http://www.freebsd.org/cgi/query-pr.cgi?pr=135159 

From: Matthias Andree <matthias.andree@gmx.de>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/135159: [patch] pkg_delete(1) segfaults on empty @pkgdep
 lines
Date: Wed, 28 May 2014 19:34:35 +0200

 This was apparently fixed by this MFC'd commit long ago:
 <http://svnweb.freebsd.org/base?view=revision&revision=192382>
>Unformatted:
