patch -pq throws segfault
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
patch (Debian) |
Fix Released
|
Unknown
|
|||
patch (Ubuntu) |
Fix Released
|
Low
|
Unassigned | ||
Trusty |
Fix Released
|
Low
|
Brian Murray |
Bug Description
[Impact]
patch crashes when -p option is given non-number. Output when running with:
~/src/patch-2.7.1$ gdb --args src/patch -pq
(gdb) run
Starting program: /home/user/
/home/user/
Program received signal SIGSEGV, Segmentation fault.
gl_list_
762 ->iterator (list);
(gdb)
[Test Case]
patch -pq
[Regression Potential]
Just in Utopic. Add if clause.
ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: patch 2.7.1-4
ProcVersionSign
Uname: Linux 3.13.0-19-generic x86_64
ApportVersion: 2.14.1-0ubuntu2
Architecture: amd64
CurrentDesktop: LXDE
Date: Fri Apr 11 10:12:15 2014
Dependencies:
gcc-4.9-base 4.9-20140406-
libc6 2.19-0ubuntu4
libgcc1 1:4.9-20140406-
multiarch-support 2.19-0ubuntu4
InstallationDate: Installed on 2014-04-07 (3 days ago)
InstallationMedia: Lubuntu 14.04 LTS "Trusty Tahr" - Beta amd64 (20140326)
SourcePackage: patch
UpgradeStatus: No upgrade log present (probably fresh install)
Related branches
- Ubuntu branches: Pending requested
-
Diff: 2055 lines (+2009/-1)6 files modified.pc/applied-patches (+1/-0)
.pc/fix-non-numeric-arg-crash.diff/src/patch.c (+1979/-0)
debian/changelog (+7/-0)
debian/patches/fix-non-numeric-arg-crash.diff (+19/-0)
debian/patches/series (+1/-0)
src/patch.c (+2/-1)
tags: | added: patch |
Changed in patch (Ubuntu Trusty): | |
importance: | Undecided → Low |
milestone: | none → trusty-updates |
Changed in patch (Debian): | |
status: | Unknown → New |
Changed in patch (Debian): | |
status: | New → Fix Released |
tags: | added: patch-test-passed |
Changed in patch (Ubuntu): | |
milestone: | trusty-updates → none |
status: | Triaged → Fix Released |
Changed in patch (Ubuntu Trusty): | |
assignee: | nobody → Brian Murray (brian-murray) |
status: | Triaged → In Progress |
I didn't think this as security vulnerability, but on 2nd thought, I could see how a bug in patch could be expoited to introduce unintended changes along with an innocent patch.