<p>In %trace mode, evaluating a macro which is undefined causes an invalid<br>
read of 1 byte when searching for the end of the string:</p>
<p>trillian:~$ valgrind rpmspec --eval '%trace' --eval '%{?myUndefinedMacro}'<br>
==21534== Memcheck, a memory error detector<br>
==21534== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.<br>
==21534== Using Valgrind-3.12.0 and LibVEX; rerun with -h for copyright info<br>
==21534== Command: rpmspec --trace --eval %{?myUndefinedMacro}<br>
==21534==</p>
<p>1>   %{?myUndefinedMacro}^==21534== Invalid read of size 1<br>
==21534==    at 0x55018D4: printMacro (macro.c:296)<br>
==21534==    by 0x5502DFC: expandMacro (macro.c:1077)<br>
==21534==    by 0x5503710: doExpandMacros (macro.c:1280)<br>
==21534==    by 0x5504AB6: rpmExpand (macro.c:1629)<br>
==21534==    by 0x508F59A: rpmcliAllArgCallback (poptALL.c:120)<br>
==21534==    by 0x6DAF71D: invokeCallbacksOPTION (popt.c:156)<br>
==21534==    by 0x6DAF75B: invokeCallbacksOPTION (popt.c:139)<br>
==21534==    by 0x6DB1428: poptGetNextOpt (popt.c:1515)<br>
==21534==    by 0x508F912: rpmcliInit (poptALL.c:302)<br>
==21534==    by 0x1095B2: main (rpmspec.c:63)<br>
==21534==  Address 0x8a010f3 is 0 bytes after a block of size 19 alloc'd<br>
==21534==    at 0x4C2DB9D: malloc (vg_replace_malloc.c:299)<br>
==21534==    by 0x5507C17: rmalloc (rpmmalloc.c:44)<br>
==21534==    by 0x5502788: expandMacro (macro.c:927)<br>
==21534==    by 0x5503710: doExpandMacros (macro.c:1280)<br>
==21534==    by 0x5504AB6: rpmExpand (macro.c:1629)<br>
==21534==    by 0x508F59A: rpmcliAllArgCallback (poptALL.c:120)<br>
==21534==    by 0x6DAF71D: invokeCallbacksOPTION (popt.c:156)<br>
==21534==    by 0x6DAF75B: invokeCallbacksOPTION (popt.c:139)<br>
==21534==    by 0x6DB1428: poptGetNextOpt (popt.c:1515)<br>
==21534==    by 0x508F912: rpmcliInit (poptALL.c:302)<br>
==21534==    by 0x1095B2: main (rpmspec.c:63)<br>
==21534==</p>
<p>1>   %{?_transaction_color}^<br>
1>   %{?_prefer_color}^<br>
1>   %{_netsharedpath}^<br>
1>   %{_install_langs}^<br>
==21534==<br>
==21534== HEAP SUMMARY:<br>
==21534==     in use at exit: 7,183 bytes in 71 blocks<br>
==21534==   total heap usage: 7,811 allocs, 7,740 frees, 3,500,361 bytes allocated<br>
==21534==<br>
==21534== LEAK SUMMARY:<br>
==21534==    definitely lost: 19 bytes in 1 blocks<br>
==21534==    indirectly lost: 0 bytes in 0 blocks<br>
==21534==      possibly lost: 0 bytes in 0 blocks<br>
==21534==    still reachable: 7,164 bytes in 70 blocks<br>
==21534==         suppressed: 0 bytes in 0 blocks<br>
==21534== Rerun with --leak-check=full to see details of leaked memory<br>
==21534==<br>
==21534== For counts of detected and suppressed errors, rerun with: -v<br>
==21534== ERROR SUMMARY: 5 errors from 1 contexts (suppressed: 0 from 0)<br>
trillian:~$</p>
<p>This can easily be avoided by checking the first byte as well as the<br>
second for our sentinel value (NUL).</p>
<p>Signed-off-by: Peter Jones <a href="mailto:pjones@redhat.com">pjones@redhat.com</a></p>
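<p>The class of bug described above, as an added example that is not part of the pull request and is not rpm's <code>macro.c</code> code: a one-byte lookahead past the end-of-macro position, next to a form that tests the first byte before the second. The function names, the meaning given to <code>se</code> and the sample strings are constructed for illustration.</p>

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Simplified model (assumption): `se` is the position where the macro text
 * ends; any text to echo after the trace caret starts one byte later and
 * runs to the end of the line. Each function returns that tail's length. */

/* Unchecked lookahead: reads se[1] even when se[0] is already the
 * terminating NUL, i.e. one byte past an exactly sized allocation. */
static size_t tail_len_unchecked(const char *se)
{
    if (se[1] == '\0')
        return 0;
    return strcspn(se + 1, "\n");
}

/* Checked lookahead: the first byte is tested before the second, and the
 * short-circuit `||` guarantees se[1] is never read when se[0] is NUL. */
static size_t tail_len_checked(const char *se)
{
    if (se[0] == '\0' || se[1] == '\0')
        return 0;
    return strcspn(se + 1, "\n");
}

/* Copy `text` into a heap block of exactly strlen+1 bytes, so that a memory
 * checker would flag any read past the NUL, then measure the tail. */
static size_t tail_on_heap_copy(const char *text, size_t macro_end)
{
    size_t n = strlen(text) + 1;
    char *buf = malloc(n);
    if (buf == NULL)
        abort();
    memcpy(buf, text, n);
    size_t len = tail_len_checked(buf + macro_end);
    free(buf);
    return len;
}

int main(void)
{
    /* Constructed inputs; offset 5 is where "%{?a}" ends in each string. */
    printf("text after macro: %zu\n", tail_on_heap_copy("%{?a} b\nc", 5));
    printf("macro ends string: %zu\n", tail_on_heap_copy("%{?a}", 5));
    printf("one byte left:     %zu\n", tail_on_heap_copy("%{?a} ", 5));
    return 0;
}
```

<p>Replacing <code>tail_len_checked</code> with <code>tail_len_unchecked</code> inside <code>tail_on_heap_copy</code> and running the second case under Valgrind or AddressSanitizer reports a read of size 1 located 0 bytes after the heap block.</p>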

<hr>

<h4>You can view, comment on, or merge this pull request online at:</h4>
<p>  <a href='https://github.com/rpm-software-management/rpm/pull/160'>https://github.com/rpm-software-management/rpm/pull/160</a></p>

<h4>Commit Summary</h4>
<ul>
  <li>Bounds check strings to print correctly in %trace mode.</li>
</ul>

<h4>File Changes</h4>
<ul>
  <li>
    <strong>M</strong>
    <a href="https://github.com/rpm-software-management/rpm/pull/160/files#diff-0">rpmio/macro.c</a>
    (2)
  </li>
</ul>

<h4>Patch Links:</h4>
<ul>
  <li><a href='https://github.com/rpm-software-management/rpm/pull/160.patch'>https://github.com/rpm-software-management/rpm/pull/160.patch</a></li>
  <li><a href='https://github.com/rpm-software-management/rpm/pull/160.diff'>https://github.com/rpm-software-management/rpm/pull/160.diff</a></li>
</ul>
