Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

checkpath -- free(): invalid pointer #459

Closed
garyemiller opened this issue Oct 8, 2021 · 2 comments
Closed

checkpath -- free(): invalid pointer #459

garyemiller opened this issue Oct 8, 2021 · 2 comments

Comments

@garyemiller
Copy link

I am a long time Gentoo user. I run Gentoo stable and unstable on a wide range of machines.

On just one, a Gentoo unstable, running on a znver2 CPU, I get this error:

# /lib/rc/bin/checkpath -d /tmp/tmp
free(): invalid pointer
Aborted

This has persisted for months. I have done "emerge -e world" many times, with various -mtune, -march, etc. and nothing affects the result.

So I did a "git pull, and looked at src/rc/checkpath.c. Then make this one change:

diff --git a/src/rc/checkpath.c b/src/rc/checkpath.c
index bab22692..df93d7d3 100644
--- a/src/rc/checkpath.c
+++ b/src/rc/checkpath.c
@@ -151,7 +151,8 @@ static char *clean_path(char *path)
        char *ch;
        char *ch2;
        char *str;
-       str = xmalloc(strlen(path));
+       str = xmalloc(strlen(path) + 1);
        ch = path;
        ch2 = str;
        while (true) {

The problem goes away. Looks like xmalloc() is just a wrapper on malloc().

According to "man strlen"

       The strlen() function calculates the length of the string pointed to by
       s, excluding the terminating null byte ('\0').

Looks to me like "str" is not big enough to hold "path" incuding its trailikng '\0'

No idea how that makes "free(path);" fail. But I'm glad it does.

.

@thesamesam
Copy link
Contributor

... I was just about to look into this because I saw this bug.

Thank you for doing the work!

@garyemiller
Copy link
Author

Geez, I only had to wait one more day for someone else to do it...

thesamesam added a commit to thesamesam/openrc that referenced this issue Oct 8, 2021
strlen's return value isn't enough to be used
directly for (x)malloc; it doesn't include
the null byte at the end of the string.

Fixes: OpenRC#459
Reported-by: Gary E. Miller
X-Gentoo-Bug: https://bugs.gentoo.org/816900
Signed-off-by: Sam James <sam@gentoo.org>
thesamesam added a commit to thesamesam/openrc that referenced this issue Oct 8, 2021
strlen's return value isn't enough to be used
directly for (x)malloc; it doesn't include
the null byte at the end of the string.

Fixes: OpenRC#459
Reported-by: Gary E. Miller
X-Gentoo-Bug: https://bugs.gentoo.org/816900
Signed-off-by: Sam James <sam@gentoo.org>
williamh pushed a commit that referenced this issue Oct 8, 2021
strlen's return value isn't enough to be used
directly for (x)malloc; it doesn't include
the null byte at the end of the string.

X-Gentoo-Bug: 816900
X-Gentoo-Bug-URL: https://bugs.gentoo.org/816900
Fixes: #459
Fixes: #462
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants