Bug#863919: Acknowledgement (sympow segfaults with basic input)

[Ximin Luo]

Control: severity -1 minor
Control: retitle -1 segfaults when MALLOC_PERTURB_ is set

Hi Jerome, it happens on stretch/sid. This is what I have installed:

Versions of packages sympow depends on:
ii  dpkg         1.18.24
ii  libc6        2.24-10
ii  pari-gp      2.9.1-1
ii  sympow-data  1.023-8

However, I just did some more tests and have tracked this down to me setting MALLOC_PERTURB_ in my .xsession. The error goes away if I unset it:

$ env -u MALLOC_PERTURB_ sympow -curve "[0,-1,1,-10,-20]" -analrank
[..]
Done with small primes 1049
Analytic Rank is 0 : L-value 2.53842e-01

$ sympow -curve "[0,-1,1,-10,-20]" -analrank
[..]
Done with small primes 1049
Segmentation fault
139

MALLOC_PERTURB_ is a glibc envvar that causes malloc() and free() to set memory - see "man mallopt" - which I was testing locally to see if it might be a good security defense against attacks like HeartBleed and Cloudbleed.

Since it's not a default envvar that most users would set, I'll downgrade the severity of this bug. However I haven't experienced any problems with other programs, so I would guess that sympow is using malloc/free in a weird way, which may be worth revisiting if you have time.

X

Jerome BENOIT:
> Hello Ximin, thanks for your report.
> 
> Do you meant that the issue happens on Stretch ?
> I ask because I thought it happens on experimental and because the CI test does not currently fail.
> 
> Thanks,
> Jerome 
> 
> On 02/06/17 14:34, Ximin Luo wrote:
>> BTW the stretch release date is soon:
> 
>> https://lists.debian.org/debian-devel-announce/2017/05/msg00002.html
> 
>> The deadline for fixing this is June 9th and you'll need to file an unblock request, asking them to reduce the default migration time of 10 days.
> 
>> I'm not sure if this bug warrants raising the severity to grave, but please do that if appropriate.
> 
>> X
> 
> 
> 

-- 
GPG: ed25519/56034877E1F87C35
GPG: rsa4096/1318EFAC5FBBDBCE
https://github.com/infinity0/pubkeys.git