[Aptitude-devel] Bug#726047: Bug#726055: libapt-pkg.so.4.12: segmentation fault in pkgDPkgPM::ProcessDpkgStatusLine

David Kalnischkies kalnischkies+debian at gmail.com
Fri Oct 11 23:09:09 UTC 2013


package aptitude libapt-pkg4.12
severity 726055 grave
reassign 726047 libapt-pkg4.12 0.9.12
merge 726055 726047
affects 726055 aptitude
thanks

Hi *,

On Fri, Oct 11, 2013 at 6:30 PM, Sven Hartge <sven at svenhartge.de> wrote:
> dpkg: error processing /var/cache/apt/archives/msr-tools_1.3-1_i386.deb (--unpack):
>  trying to overwrite '/usr/share/man/man1/cpuid.1.gz', which is also in package cpuid 20130610-2
>
> Program received signal SIGSEGV, Segmentation fault.
> 0xf7f5436b in pkgDPkgPM::ProcessDpkgStatusLine(int, char*) ()
>    from /usr/lib/i386-linux-gnu/libapt-pkg.so.4.12

With symbols and everything attached gdb says a bit more:
#1  pkgDPkgPM::ProcessDpkgStatusLine (this=this@entry=0x626190,
    OutStatusFd=OutStatusFd@entry=-1, line=<optimized out>) at deb/dpkgpm.cc:603
[apt-dbg doesn't exist because somehow we always fall for the
 "this time, we gonna get automatic -dbg generation" goal… oh my.]

This is a regression in 0.9.12, the buggy change being:
  * Fix status-fd progress calculation for certain multi-arch install/upgrade
    situations
which triggers on dpkg errors (like not declared file overrides as shown here)
or on conffile prompts (not tested yet, just assuming from the code).
#726001 seems to be different and aptitude related.
[The error being that the 4th element of an array with 3 elements is read]

Also, the advertised fix isn't complete as it assumes every package which dpkg
isn't qualifying with an architecture is native, which isn't the case, as dpkg
only qualifies :same packages, but not foreign packages (with the logic that
only one architecture could be meant at all times, so no need to qualify).
So while it will be correct for many, it certainly isn't for all and somehow,
throwing in the architecture "suddenly" smells like our front ends are going
to hate us… (at least if they parse what they hand to them with this).

[The code parsing dpkg status lines is a bloody mess, but I hope I will
 find some time in-between vintage this weekend to have a closer look]


Best regards

David Kalnischkies
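
Added example, not part of the original message and not apt's own code: a parser for dpkg status-fd lines that checks the field count before indexing, so a three-field line is rejected rather than read at a fourth position. The line layouts follow dpkg(1); the type and function names and the sample line are constructed for illustration.

```cpp
// Added illustration, not apt's dpkgpm.cc. Line layout per dpkg(1), --status-fd.
#include <cstddef>
#include <string>
#include <vector>

enum class Kind { Malformed, Status, Error, ConffilePrompt, Processing };
struct StatusLine {
    Kind kind;
    std::string subject;  // package name, or file path for a conffile prompt
    std::string detail;   // state, stage, error text or prompt arguments
};

static std::string trim(const std::string &s) {
    const std::size_t b = s.find_first_not_of(" \t\r\n");
    if (b == std::string::npos) return "";
    return s.substr(b, s.find_last_not_of(" \t\r\n") - b + 1);
}

// Split on ": " into at most `max` fields. A bare ':' is not a separator, so
// "libc6:amd64" stays whole; the last field keeps any further ": ".
static std::vector<std::string> split_fields(const std::string &line, std::size_t max) {
    std::vector<std::string> out;
    std::size_t pos = 0;
    while (out.size() + 1 < max) {
        const std::size_t sep = line.find(": ", pos);
        if (sep == std::string::npos) break;
        out.push_back(trim(line.substr(pos, sep - pos)));
        pos = sep + 2;
    }
    out.push_back(trim(line.substr(pos)));
    return out;
}

StatusLine parse_status_line(const std::string &line) {
    StatusLine r{Kind::Malformed, "", ""};
    const std::vector<std::string> f = split_fields(line, 4);
    if (f.size() < 3) return r;  // too short for any known line type
    const bool four = f[2] == "error" || f[2] == "conffile-prompt";
    if (f[0] == "processing" && f.size() == 3)
        r = {Kind::Processing, f[2], f[1]};
    else if (f[0] == "status" && four && f.size() == 4)  // f[3] proven to exist
        r = {f[2] == "error" ? Kind::Error : Kind::ConffilePrompt, f[1], f[3]};
    else if (f[0] == "status" && !four && f.size() == 3)
        r = {Kind::Status, f[1], f[2]};
    return r;
}

int main() {  // constructed sample: an error line cut off before its message
    return parse_status_line("status: msr-tools : error").kind == Kind::Malformed ? 0 : 1;
}
```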


