[Bug-tar] Avoid undefined behavior of passing NULL to strcmp

bug-tar

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug-tar] Avoid undefined behavior of passing NULL to strcmp

From:	Carl Worth
Subject:	[Bug-tar] Avoid undefined behavior of passing NULL to strcmp
Date:	Tue, 04 Aug 2009 14:27:06 -0700

On Mon, 19 Feb 2007 12:52:12 +0100, Raúl Sánchez Siles wrote:
> To reproduce the error do this:
> 
> 1- echo "filename" > filelist
> 2- echo "" >>filelist
> 3- tar xvfz tarfile.tgz -T filelist
> 
> Note: its not necessary that "filename" exists.
>
> When you use -T, the contents of the file is dumped into the argv
> vector. Each line should contain a file name, optionally with its path.
> 
> You will have a segment violation because on line 421 of lib/getopt.c
> you have:
> 
> if (d->optind != argc && !strcmp (argv[d->optind], "--"))

Hi Raúl,

Thank you very much for the bug report.

As it turns out, the bug may or may not a segmentation fault. To be
precise, the code is passing a NULL pointer to strcmp, which is
undefined behavior according the the relevant specification. So
conforming implementations can do anything here, (including a
segmentation fault as well as silently treating NULL as an empty
string). My system, for example, seems to behave with the
silent-treat-NULL-like-empty-string behavior.

Regardless, this undefined behavior is something the program should
avoid doing.

> There are two possible options as I see it.
> 
> 1- Changing that line to: 
> if (d->optind != argc && argv[d->optind] && !strcmp (argv[d->optind], "--"))
> 
> 2- Fix the parsing of -T so an empty line won't be included in the dump
> to argv vector.

I've attached a patch for #1. Doing #2 looked like a bit more work to
me, and I'm lazy that way, (but Sergey might want to do something about
it).

> I tried to report this upstream but bug reporting is limited to memebers
> of the project.

I don't know if anything has changed with respect to bug reporting for
upstream tar in the past couple of years. But I've started reporting
bugs recently, and have had no problem doing so without any membership.
I simply send bug reports to address@hidden, (as I am doing with this
email), and I've found upstream to be particularly responsive to
high-quality bug reports, (thanks, Sergey!).

Happy hacking,

-Carl

0001-Avoid-undefined-behavior-of-passing-NULL-to-strcmp.patch
Description: Text Data

signature.asc
Description: This is a digitally signed message part

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug-tar] Avoid undefined behavior of passing NULL to strcmp, Carl Worth <=
- Re: [Bug-tar] Avoid undefined behavior of passing NULL to strcmp, Sergey Poznyakoff, 2009/08/05

Prev by Date: [Bug-tar] --backup can destroy an extracted member when followed by an existing directory
Next by Date: [Bug-tar] Preserve timestamp of symlinks when extracting (if utimensat available)
Previous by thread: [Bug-tar] --backup can destroy an extracted member when followed by an existing directory
Next by thread: Re: [Bug-tar] Avoid undefined behavior of passing NULL to strcmp
Index(es):
- Date
- Thread