summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Vogt <mvo@ubuntu.com>2014-09-02 17:06:52 +0200
committerMichael Vogt <mvo@ubuntu.com>2014-09-02 17:25:35 +0200
commit097248092ea4ff4543dfb17deb4e0d31dd697c71 (patch)
treee6af763c1fe68a76960c92473a120edc13b101b4
parentcbcdd3ee9d86379d1b3a44e41ae8b17dc23111d0 (diff)
Use heap to allocate PatternMatch to avoid potential stack overflow
When apt-cache search with many args (> 130) is given the allocation of PatternMatch on the stack may fail resulting in a segmentation fault. By using the heap the max size is much bigger and we also get a bad_alloc expection instead of a segfault (which we can catch *if* this ever becomes a pratical problem). No test for the crash as its not reproducable with the MALLOC_ settings in framework. Closes: 759612
-rw-r--r--cmdline/apt-cache.cc5
1 files changed, 3 insertions, 2 deletions
diff --git a/cmdline/apt-cache.cc b/cmdline/apt-cache.cc
index 1414617eb..ac0d48a36 100644
--- a/cmdline/apt-cache.cc
+++ b/cmdline/apt-cache.cc
@@ -1278,8 +1278,8 @@ static bool Search(CommandLine &CmdL)
ExDescFile *DFList = new ExDescFile[descCount];
memset(DFList,0,sizeof(*DFList) * descCount);
- bool PatternMatch[descCount * NumPatterns];
- memset(PatternMatch,false,sizeof(PatternMatch));
+ bool *PatternMatch = new bool[descCount * NumPatterns];
+ memset(PatternMatch,false,sizeof(*PatternMatch) * descCount * NumPatterns);
// Map versions that we want to write out onto the VerList array.
for (pkgCache::GrpIterator G = Cache->GrpBegin(); G.end() == false; ++G)
@@ -1389,6 +1389,7 @@ static bool Search(CommandLine &CmdL)
}
delete [] DFList;
+ delete [] PatternMatch;
for (unsigned I = 0; I != NumPatterns; I++)
regfree(&Patterns[I]);
if (ferror(stdout))