From c02dfd95e3db08460dfc61794564fbe4c05dc396 Mon Sep 17 00:00:00 2001
From: "Frank Ch. Eigler" <fche@redhat.com>
Date: Sat, 18 Jan 2020 15:32:40 -0500
Subject: [PATCH] PR25415: fix debuginfod SEGV for empty search path list

Prevent triggering undefined behaviour of fts(3), which causes
a SEGV on fedora glibc 2.29.
---
 debuginfod/ChangeLog         |  4 ++++
 debuginfod/debuginfod.cxx    |  5 +++++
 tests/ChangeLog              |  4 ++++
 tests/run-debuginfod-find.sh | 12 ++++++++++++
 4 files changed, 25 insertions(+)

diff --git a/debuginfod/ChangeLog b/debuginfod/ChangeLog
index 8a25e1f7a..35130b2a5 100644
--- a/debuginfod/ChangeLog
+++ b/debuginfod/ChangeLog
@@ -1,3 +1,7 @@
+2020-01-18  Frank Ch. Eigler  <fche@redhat.com>
+
+	* debuginfod.cxx (thread_main_scanner): Handle empty source_paths[].
+
 2020-01-11  Frank Ch. Eigler  <fche@redhat.com>
 
 	* debuginfod.cxx (libarchive_fdcache): New class/facility to own a
diff --git a/debuginfod/debuginfod.cxx b/debuginfod/debuginfod.cxx
index 9ca9bc61b..bf680048d 100644
--- a/debuginfod/debuginfod.cxx
+++ b/debuginfod/debuginfod.cxx
@@ -2360,6 +2360,11 @@ thread_main_scanner (void* arg)
 static void
 scan_source_paths()
 {
+  // NB: fedora 31 glibc/fts(3) crashes inside fts_read() on empty
+  // path list.
+  if (source_paths.empty())
+    return;
+
   // Turn the source_paths into an fts(3)-compatible char**.  Since
   // source_paths[] does not change after argv processing, the
   // c_str()'s are safe to keep around awile.
diff --git a/tests/ChangeLog b/tests/ChangeLog
index 3e1c367d7..8936e410b 100644
--- a/tests/ChangeLog
+++ b/tests/ChangeLog
@@ -1,3 +1,7 @@
+2020-01-18  Frank Ch. Eigler  <fche@redhat.com>
+
+	* run-debuginfod-find.sh: Test empty source_paths[].
+
 2020-01-08  Mark Wielaard  <mark@klomp.org>
 
 	* asm-test?.c: include libebl.h.
diff --git a/tests/run-debuginfod-find.sh b/tests/run-debuginfod-find.sh
index 6862db725..2a3d591b4 100755
--- a/tests/run-debuginfod-find.sh
+++ b/tests/run-debuginfod-find.sh
@@ -28,11 +28,13 @@ export DEBUGINFOD_CACHE_PATH=${PWD}/.client_cache
 
 PID1=0
 PID2=0
+PID3=0
 
 cleanup()
 {
   if [ $PID1 -ne 0 ]; then kill $PID1; wait $PID1; fi
   if [ $PID2 -ne 0 ]; then kill $PID2; wait $PID2; fi
+  if [ $PID3 -ne 0 ]; then kill $PID3; wait $PID3; fi
 
   rm -rf F R D L ${PWD}/.client_cache*
   exit_cleanup
@@ -360,4 +362,14 @@ testrun ${abs_builddir}/debuginfod_build_id_find -e F/prog 1
 
 testrun ${abs_top_builddir}/debuginfod/debuginfod-find debuginfo $BUILDID2 && false || true
 
+# Test debuginfod without a path list; reuse $PORT1
+env LD_LIBRARY_PATH=$ldpath ${abs_builddir}/../debuginfod/debuginfod $VERBOSE -F -U -d :memory: -p $PORT1 -L -F &
+PID3=$!
+wait_ready $PORT1 'thread_work_total{role="traverse"}' 1
+wait_ready $PORT1 'thread_work_pending{role="scan"}' 0
+wait_ready $PORT1 'thread_busy{role="scan"}' 0
+kill -int $PID3
+wait $PID3
+PID3=0
+
 exit 0
-- 
2.47.2