[Debian-ha-maintainers] Bug#731967: debdiff of NMU of libqb 0.16.0.real-1.1

Aníbal Monsalve Salazar anibal at debian.org
Thu Feb 20 07:54:43 UTC 2014 

debdiff libqb_0.16.0.real-1.dsc libqb_0.16.0.real-1.1.dsc
diff -Nru libqb-0.16.0.real/debian/changelog libqb-0.16.0.real/debian/changelog
--- libqb-0.16.0.real/debian/changelog	2013-08-02 06:39:15.000000000 +0100
+++ libqb-0.16.0.real/debian/changelog	2014-02-20 07:32:10.000000000 +0000
@@ -1,3 +1,15 @@
+libqb (0.16.0.real-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Do not overwrite memory during reading
+    Add test_ring_buffer1.diff
+    Patch by Dejan Latinovic
+    Closes: #731967
+  * Pass --localstatedir=`pwd`/var to configure to not fail the
+    tests when it's built with pbuilder
+
+ -- Anibal Monsalve Salazar <anibal at debian.org>  Thu, 20 Feb 2014 07:21:30 +0000
+
 libqb (0.16.0.real-1) unstable; urgency=low
 
   * New upload, this time with the "right" upstream .orig.tar.gz
diff -Nru libqb-0.16.0.real/debian/patches/series libqb-0.16.0.real/debian/patches/series
--- libqb-0.16.0.real/debian/patches/series	2013-08-02 07:03:11.000000000 +0100
+++ libqb-0.16.0.real/debian/patches/series	2014-02-19 10:33:58.000000000 +0000
@@ -1 +1,2 @@
 fix_version_number.patch
+test_ring_buffer1.diff
diff -Nru libqb-0.16.0.real/debian/patches/test_ring_buffer1.diff libqb-0.16.0.real/debian/patches/test_ring_buffer1.diff
--- libqb-0.16.0.real/debian/patches/test_ring_buffer1.diff	1970-01-01 01:00:00.000000000 +0100
+++ libqb-0.16.0.real/debian/patches/test_ring_buffer1.diff	2014-02-14 12:50:15.000000000 +0000
@@ -0,0 +1,66 @@
+Author: "Dejan Latinovic" <Dejan.Latinovic at rt-rk.com>
+Description: Fix for ring buffer test.
+
+http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731967
+
+After I ran rb.test manually I got this error:
+
+< Running suite(s): ringbuffer
+< 75%: Checks: 4, Failures: 0, Errors: 1
+< check_rb.c:82:E:test01:test_ring_buffer1:0: (after this point) Received < < signal 11 (Segmentation fault)
+< check_rb.c:123:P:test02:test_ring_buffer2:0: Passed
+< check_rb.c:155:P:test03:test_ring_buffer3:0: Passed
+< check_rb.c:183:P:test04:test_ring_buffer4:0: Passed
+
+
+The problem is that test_ring_buffer1 in ./tests/check_rb.c,
+at line:
+< actual = qb_rb_chunk_read(rb, &hdr, 512, 0);
+
+is attempting to read chunk from ring buffer
+< qb_ringbuffer_t *rb
+
+and store it into address of struct hdr
+< struct qb_ipc_request_header hdr;
+
+If the size of the chunk(90-93) is larger than size of the hdr (16),
+it comes to overwriting memory during reading.
+
+This test does not fail on some other architectures
+because there is a possibility that my_buf is located after hdr,
+< char my_buf[512];
+and then the overwriting passes unnoticed.
+
+A patch fixing this issue is attached.
+
+Index: libqb-0.16.0.real/tests/check_rb.c
+===================================================================
+--- libqb-0.16.0.real.orig/tests/check_rb.c	2013-12-09 14:28:57.000000000 +0000
++++ libqb-0.16.0.real/tests/check_rb.c	2013-12-09 14:31:15.000000000 +0000
+@@ -57,8 +57,9 @@
+ 				    hdr.id, "actually the line number", i,
+ 				    __func__, __FILE__) + 1;
+ 			hdr.size += sizeof(struct qb_ipc_request_header);
++			memcpy(my_buf, &hdr, sizeof(struct qb_ipc_request_header));
+ 			avail = qb_rb_space_free(rb);
+-			actual = qb_rb_chunk_write(rb, &hdr, hdr.size);
++			actual = qb_rb_chunk_write(rb, my_buf, hdr.size);
+ 			if (avail < (hdr.size + (3 * sizeof(uint32_t)))) {
+ 				ck_assert_int_eq(actual, -EAGAIN);
+ 			} else {
+@@ -72,13 +73,13 @@
+ 		str = my_buf + sizeof(struct qb_ipc_request_header);
+ 
+ 		for (i = 0; i < 15; i++) {
+-			actual = qb_rb_chunk_read(rb, &hdr, 512, 0);
++			actual = qb_rb_chunk_read(rb, my_buf, 512, 0);
+ 			if (actual < 0) {
+ 				ck_assert_int_eq(0, qb_rb_chunks_used(rb));
+ 				break;
+ 			}
++			memcpy(&hdr, my_buf, sizeof(struct qb_ipc_request_header));
+ 			str[actual - sizeof(struct qb_ipc_request_header)] = '\0';
+-
+ 			ck_assert_int_eq(actual, hdr.size);
+ 		}
+ 	}
diff -Nru libqb-0.16.0.real/debian/rules libqb-0.16.0.real/debian/rules
--- libqb-0.16.0.real/debian/rules	2013-03-20 23:03:33.000000000 +0000
+++ libqb-0.16.0.real/debian/rules	2014-02-20 07:20:49.000000000 +0000
@@ -17,3 +17,7 @@
 
 override_dh_autoreconf:
 	dh_autoreconf ./autogen.sh
+
+override_dh_auto_configure:
+	mkdir -p `pwd`/dev/shm `pwd`/var/run
+	dh_auto_configure -- --localstatedir=`pwd`/var

More information about the Debian-ha-maintainers mailing list