pkg_parse: fix segfault when parsing descriptions with leading newlines

During parsing of multi-line descriptions that begin with a newline
character, the description pointer will be NULL when the first
continuation line is encountered, causing the strlen() invocation
on the description pointer to segfault.

This is caused by the fact that the parse_simple() helper used for
parsing the initial description line returns NULL instead of an
empty string when encountering only whitespace after the field name.

Rework the continuation line parsing code to not assume an initialized
pointer by checking before calling strlen() and avoiding realloc()
on a NULL pointer.

Fixes FS#933.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

diff --git a/libopkg/pkg_parse.c b/libopkg/pkg_parse.c
index 121f147900032d81775d6ddf102e41b2a0b44d62..d6fe54611cba286f4c495fd4d80d3ec54d216ea8 100644 (file)
--- a/libopkg/pkg_parse.c
+++ b/libopkg/pkg_parse.c
@@ -254,18 +254,16 @@ int pkg_parse_line(void *ptr, char *line, uint mask)
 
        case ' ':
                if ((mask & PFM_DESCRIPTION) && reading_description) {
-                       if (isatty(1)) {
-                               description = xrealloc(description,
-                                                           strlen(description)
-                                                           + 1 + strlen(line) +
-                                                           1);
+                       size_t len = (description ? strlen(description) : 0)
+                               + (isatty(1) ? 1 : 0) + strlen(line) + 1;
+
+                       description = description ? xrealloc(description, len)
+                               : xcalloc(len, 1);
+
+                       if (isatty(1))
                                strcat(description, "\n");
-                       } else {
-                               description = xrealloc(description,
-                                                           strlen(description)
-                                                           + 1 + strlen(line));
-                       }
-                       strcat(description, (line));
+
+                       strcat(description, line);
                        goto dont_reset_flags;
                } else if ((mask & PFM_CONFFILES) && reading_conffiles) {
                        parse_conffiles(pkg, line);