>From 5a4b8e57fbcf651618c28727281d461796b8f411 Mon Sep 17 00:00:00 2001 From: Pavel Raiskup
Date: Thu, 29 Nov 2018 07:03:48 +0100 Subject: [PATCH] Fix segfault with --append The --append mode combines both process_copy_in() and process_copy_out() methods, each of them working with different (local) file_hdr->c_name buffers. So ensure that cpio_set_c_name() isn't using the same static variable for maintaining length of different buffers. Complements d36ec5f4e93130efb24fb9. Thanks to Ross Burton. * src/copyin.c (process_copy_in): Always initialize file_hdr. * src/copyout.c (process_copy_out): Likewise. * src/cpiohdr.h (cpio_file_stat): Add c_name_buflen variable. * src/util.c (cpio_set_c_name): Use file_hdr->c_name_buflen. --- src/copyin.c | 1 + src/copyout.c | 1 + src/cpiohdr.h | 1 + src/util.c | 3 ++- 4 files changed, 5 insertions(+), 1 deletion(-) diff --git a/src/copyin.c b/src/copyin.c index ba887ae..767c2f8 100644 --- a/src/copyin.c +++ b/src/copyin.c @@ -1213,6 +1213,7 @@ process_copy_in () newdir_umask = umask (0); /* Reset umask to preserve modes of created files */ + memset (&file_hdr, 0, sizeof (struct cpio_file_stat)); /* Initialize the copy in. */ if (pattern_file_name) diff --git a/src/copyout.c b/src/copyout.c index 7532dac..fb890cb 100644 --- a/src/copyout.c +++ b/src/copyout.c @@ -594,6 +594,7 @@ process_copy_out () /* Initialize the copy out. */ ds_init (&input_name, 128); + memset (&file_hdr, 0, sizeof (struct cpio_file_stat)); file_hdr.c_magic = 070707; /* Check whether the output file might be a tape. */ diff --git a/src/cpiohdr.h b/src/cpiohdr.h index 588135b..cf64f3e 100644 --- a/src/cpiohdr.h +++ b/src/cpiohdr.h @@ -127,6 +127,7 @@ struct cpio_file_stat /* Internal representation of a CPIO header */ uint32_t c_chksum; char *c_name; char *c_tar_linkname; + size_t c_name_buflen; }; void cpio_set_c_name(struct cpio_file_stat *file_hdr, char *name); diff --git a/src/util.c b/src/util.c index 10486dc..1256469 100644 --- a/src/util.c +++ b/src/util.c @@ -1413,7 +1413,7 @@ set_file_times (int fd, void cpio_set_c_name (struct cpio_file_stat *file_hdr, char *name) { - static size_t buflen = 0; + size_t buflen = file_hdr->c_name_buflen; size_t len = strlen (name) + 1; if (buflen == 0) @@ -1430,6 +1430,7 @@ cpio_set_c_name (struct cpio_file_stat *file_hdr, char *name) } file_hdr->c_namesize = len; + file_hdr->c_name_buflen = buflen; memmove (file_hdr->c_name, name, len); } -- 2.19.2