Use heap to allocate PatternMatch to avoid potential stack overflow

When apt-cache search with many args (> 130) is given the allocation
of PatternMatch on the stack may fail resulting in a segmentation
fault. By using the heap the max size is much bigger and we also
get a bad_alloc expection instead of a segfault (which we can catch
*if* this ever becomes a pratical problem). No test for the crash
as its not reproducable with the MALLOC_ settings in framework.

Closes: 759612

diff --git a/cmdline/apt-cache.cc b/cmdline/apt-cache.cc
index 1414617eb4abb7bf4f200444909b556a70039c20..ac0d48a362ab81d070b54aedc875a13a1932e61c 100644 (file)
--- a/cmdline/apt-cache.cc
+++ b/cmdline/apt-cache.cc
@@ -1278,8 +1278,8 @@ static bool Search(CommandLine &CmdL)
    ExDescFile *DFList = new ExDescFile[descCount];
    memset(DFList,0,sizeof(*DFList) * descCount);
 
    ExDescFile *DFList = new ExDescFile[descCount];
    memset(DFList,0,sizeof(*DFList) * descCount);
 

-   bool PatternMatch[descCount * NumPatterns];
-   memset(PatternMatch,false,sizeof(PatternMatch));
+   bool *PatternMatch = new bool[descCount * NumPatterns];
+   memset(PatternMatch,false,sizeof(*PatternMatch) * descCount * NumPatterns);

 
    // Map versions that we want to write out onto the VerList array.
    for (pkgCache::GrpIterator G = Cache->GrpBegin(); G.end() == false; ++G)
 
    // Map versions that we want to write out onto the VerList array.
    for (pkgCache::GrpIterator G = Cache->GrpBegin(); G.end() == false; ++G)


@@ -1389,6 +1389,7 @@ static bool Search(CommandLine &CmdL)
    }
    
    delete [] DFList;
    }
    
    delete [] DFList;

+   delete [] PatternMatch;

    for (unsigned I = 0; I != NumPatterns; I++)
       regfree(&Patterns[I]);
    if (ferror(stdout))
    for (unsigned I = 0; I != NumPatterns; I++)
       regfree(&Patterns[I]);
    if (ferror(stdout))