From 097248092ea4ff4543dfb17deb4e0d31dd697c71 Mon Sep 17 00:00:00 2001 From: Michael Vogt Date: Tue, 2 Sep 2014 17:06:52 +0200 Subject: Use heap to allocate PatternMatch to avoid potential stack overflow When apt-cache search with many args (> 130) is given the allocation of PatternMatch on the stack may fail resulting in a segmentation fault. By using the heap the max size is much bigger and we also get a bad_alloc expection instead of a segfault (which we can catch *if* this ever becomes a pratical problem). No test for the crash as its not reproducable with the MALLOC_ settings in framework. Closes: 759612 --- cmdline/apt-cache.cc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'cmdline') diff --git a/cmdline/apt-cache.cc b/cmdline/apt-cache.cc index 1414617eb..ac0d48a36 100644 --- a/cmdline/apt-cache.cc +++ b/cmdline/apt-cache.cc @@ -1278,8 +1278,8 @@ static bool Search(CommandLine &CmdL) ExDescFile *DFList = new ExDescFile[descCount]; memset(DFList,0,sizeof(*DFList) * descCount); - bool PatternMatch[descCount * NumPatterns]; - memset(PatternMatch,false,sizeof(PatternMatch)); + bool *PatternMatch = new bool[descCount * NumPatterns]; + memset(PatternMatch,false,sizeof(*PatternMatch) * descCount * NumPatterns); // Map versions that we want to write out onto the VerList array. for (pkgCache::GrpIterator G = Cache->GrpBegin(); G.end() == false; ++G) @@ -1389,6 +1389,7 @@ static bool Search(CommandLine &CmdL) } delete [] DFList; + delete [] PatternMatch; for (unsigned I = 0; I != NumPatterns; I++) regfree(&Patterns[I]); if (ferror(stdout)) -- cgit v1.2.3-70-g09d2