bug-findutils

[bug #38239] missing variable initialisation in locate yields to segment


From: anonymous
Subject: [bug #38239] missing variable initialisation in locate yields to segmentation faults
Date: Sun, 03 Feb 2013 12:01:56 +0000
User-agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:18.0) Gecko/20100101 Firefox/18.0

URL:
  <http://savannah.gnu.org/bugs/?38239>

                 Summary: missing variable initialisation in locate yields to segmentation faults
                 Project: findutils
            Submitted by: None
            Submitted on: Sun 03 Feb 2013 12:01:55 PM UTC
                Category: None
                Severity: 3 - Normal
              Item Group: None
                  Status: None
                 Privacy: Public
             Assigned to: None
         Originator Name: Klaus Aehlig
        Originator Email: address@hidden
             Open/Closed: Open
         Discussion Lock: Any
                 Release: 4.5.11
           Fixed Release: None

    _______________________________________________________

Details:

in locate/locate.c the function dolocate uses a local variable
path_element that is never initialized if the environment
variable LOCATE_PATH is not set. Yet, in line 1886 it is accessed
via the fragment

       if (path_element)
        {
          free (path_element);
          path_element = NULL;
        }

resulting in free being called with values not obtained from
malloc if, due to compiler optimisation (think -O2), the default
value is not NULL.

In the same function for the same situation (LOCATE_PATH not set),
the variable locate_path is NULL; nevertheless in line 1892,
splitstring (locate_path, path_separators, false, ...) is called,
which dereferences its first argument.

The attached patch fixes these issues for me.



    _______________________________________________________

File Attachments:


-------------------------------------------------------
Date: Sun 03 Feb 2013 12:01:55 PM UTC  Name: patch-locate__locate.c  Size: 625B   By: None

<http://savannah.gnu.org/bugs/download.php?file_id=27375>

    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?38239>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/
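
The two defects described in the report, as an added example that is not part of the original message, not findutils code and not the attached patch. The function name, the fallback parameter and the ':' separator are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Shape of the reported bug (shown as a comment, not compiled):
 *
 *     char *path_element;                 // indeterminate when the variable is unset
 *     ...
 *     if (path_element) free (path_element);   // may free a garbage pointer
 *     splitstring (locate_path, ...);          // locate_path may be NULL
 *
 * Hardened form below: the pointer starts as NULL, and a NULL path list is
 * replaced by a fallback (or rejected) before anything dereferences it. */
int count_path_elements(const char *locate_path, const char *fallback)
{
    char *path_element = NULL;      /* defined value on every code path */
    int count = 0;

    if (locate_path == NULL)        /* environment variable not set */
        locate_path = fallback;
    if (locate_path == NULL)
        return 0;                   /* nothing to split, nothing to free */

    const char *start = locate_path;
    for (;;) {
        size_t len = strcspn(start, ":");
        free(path_element);         /* free(NULL) is a defined no-op */
        path_element = malloc(len + 1);
        if (path_element == NULL)
            return -1;
        memcpy(path_element, start, len);
        path_element[len] = '\0';
        if (len > 0)                /* skip empty elements such as "a::b" */
            count++;
        if (start[len] == '\0')
            break;
        start += len + 1;
    }
    free(path_element);
    return count;
}

int main(void)
{
    /* "/var/db/example.db" is a constructed fallback, not a findutils default. */
    printf("%d\n", count_path_elements(getenv("LOCATE_PATH"), "/var/db/example.db"));
    return 0;
}
```

Building with -Wall -O2 (for the maybe-uninitialized warning) or running the unpatched binary under valgrind or MemorySanitizer is a way to surface this class of bug before it shows up as a crash.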



