commit f4c79584d01c6394544c86c122d2f32f77a1d02d
Author: Michael Schroeder <mls@suse.de>
Date: Wed May 18 09:04:40 2011 +0300
Always copy macro source when expanding it
- A macro can undefine itself, and unless we grab a copy of it we'll
end up accessing already freed memory. Fixes a regression from
commit ebc4ceaaeb8bb59019f4635471b28eb5f3eaaaa6 which assumed
a copy is not always needed.
Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
diff --git a/rpmio/macro.c b/rpmio/macro.c
index 8ea4819..d79ef18 100644
--- a/rpmio/macro.c
+++ b/rpmio/macro.c
@@ -1022,12 +1022,12 @@ expandMacro(MacroBuf mb, const char *src, size_t slen)
char *source = NULL;
/* Handle non-terminated substrings by creating a terminated copy */
- if (slen > 0) {
- source = xmalloc(slen + 1);
- strncpy(source, src, slen);
- source[slen] = '\0';
- s = source;
- }
+ if (!slen)
+ slen = strlen(src);
+ source = xmalloc(slen + 1);
+ strncpy(source, src, slen);
+ source[slen] = '\0';
+ s = source;
if (mb->buf == NULL) {
size_t blen = MACROBUFSIZ + strlen(s);