[pacman-dev] [PATCH] Fix possible null pointer deref in check_arch

Dan McGee dan at archlinux.org
Fri Dec 10 20:48:02 EST 2010

If we have a corrupted database, a package can come through without an arch,
causing the code to blow up when making strcmp() calls. It might even be
possible with perfectly valid database entries lacking an 'arch =' line.
This behavior was seen as at least one of the problems in FS#21668.

Ensure pkgarch is not null before doing anything further.

Signed-off-by: Dan McGee <dan at archlinux.org>
 lib/libalpm/trans.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/lib/libalpm/trans.c b/lib/libalpm/trans.c
index 49fc0f6..02612ec 100644
--- a/lib/libalpm/trans.c
+++ b/lib/libalpm/trans.c
@@ -107,7 +107,7 @@ static alpm_list_t *check_arch(alpm_list_t *pkgs)
 	for(i = pkgs; i; i = i->next) {
 		pmpkg_t *pkg = i->data;
 		const char *pkgarch = alpm_pkg_get_arch(pkg);
-		if(strcmp(pkgarch,arch) && strcmp(pkgarch,"any")) {
+		if(pkgarch && strcmp(pkgarch, arch) && strcmp(pkgarch, "any")) {
 			char *string;
 			const char *pkgname = alpm_pkg_get_name(pkg);
 			const char *pkgver = alpm_pkg_get_version(pkg);

More information about the pacman-dev mailing list