
dpkg: Fix use after free issue on error summary

We are releasing the dpkg database now after running the commands, which
means that the postponed error reporting summary was trying to print
messages that had already been freed from the database memory pool.

Duplicate the passed strings so that we are impervious to the database
life-cycle.

Regression introduced in commit 3404fd24ef8020b4d6dc17adb82d7e6c035d90dc.

Closes: #843874
Guillem Jover 7 years ago
commit
89b80a3da8
2 changed files with 7 additions and 2 deletions
  1. 4 0
      debian/changelog
  2. 3 2
      src/errors.c

+ 4 - 0
debian/changelog

@@ -7,6 +7,10 @@ dpkg (1.18.14) UNRELEASED; urgency=medium
     - Do not set PIE options if they have been negated, and do not reset
       them if they have been requested.
     Closes: #843791, #843826
+  * Fix use after free error in dpkg. It was trying to print messages that
+    had already been freed as part of the database memory pool, causing in
+    some cases segfaults when reporting the error summary at the end.
+    Regression introduced in dpkg 1.18.11. Closes: #843874
   * Test suite:
     - Do not fail tests on missing fakeroot, just skip them.
   * Build system:

+ 3 - 2
src/errors.c

@@ -47,7 +47,7 @@ static int nerrs = 0;
 
 struct error_report {
   struct error_report *next;
-  const char *what;
+  char *what;
 };
 
 static struct error_report *reports = NULL;
@@ -66,7 +66,7 @@ enqueue_error_report(const char *arg)
     abort_processing = true;
     nr= &emergency;
   }
-  nr->what= arg;
+  nr->what = m_strdup(arg);
   nr->next = NULL;
   *lastreport= nr;
   lastreport= &nr->next;
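Review bot: `nr->what = m_strdup(arg);` also runs on the fallback path directly above it, where `nr` has been pointed at the static `emergency` node and `abort_processing` has been set. That branch looks like the out-of-memory fallback (the allocation it guards is outside the hunk), and m_strdup presumably treats allocation failure as fatal like dpkg's other m_ wrappers, so a second failed allocation could abort before the summary the emergency node exists for is ever printed. Consider a non-fatal copy here, `nr->what = strdup(arg);`, paired with `reports->what ? reports->what : "?"` as the `fprintf` argument in reportbroken_retexitstatus, since passing NULL to `%s` is undefined; the `free(reports->what)` added in the third hunk is already safe for NULL. enqueue_error_report begins and ends outside this hunk, so confirm against the full function.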
@@ -109,6 +109,7 @@ reportbroken_retexitstatus(int ret)
     fputs(_("Errors were encountered while processing:\n"),stderr);
     while (reports) {
       fprintf(stderr," %s\n",reports->what);
+      free(reports->what);
       reports= reports->next;
     }
   }