Bug#1079204: gap-guava: Uninitialized array can cause random failures
Simon Chopin
schopin at ubuntu.com
Wed Aug 21 12:19:49 BST 2024
Package: gap-guava
Version: 3.19+ds-2
Severity: normal
Tags: patch
X-Debbugs-Cc: schopin at ubuntu.com
User: ubuntu-devel at lists.ubuntu.com
Usertags: origin-ubuntu oracular ubuntu-patch
Hi,
FYI we've patched the Ubuntu package to fix an uninitialized array for
the `comment` variable that can make the autopkgtests fail, depending on
the state of the stack. It turns out that it doesn't fail on Debian CI,
presumably because we're not using the same default compile flags in
Ubuntu, resulting in changes of the stack layout.
It has been reported upstream, but I'm also leaving it here in case it
starts to fail before they release a new version upstream with the fix.
Cheers,
Simon
-- System Information:
Debian Release: trixie/sid
APT prefers noble-updates
APT policy: (500, 'noble-updates'), (500, 'noble-security'), (500, 'noble'), (100, 'noble-proposed'), (100, 'noble-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.8.0-40-generic (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_USER, TAINT_OOT_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
-------------- next part --------------
diff -Nru gap-guava-3.19+ds/debian/patches/0001-desauto-initialize-the-comment-array-to-a-sensible-v.patch gap-guava-3.19+ds/debian/patches/0001-desauto-initialize-the-comment-array-to-a-sensible-v.patch
--- gap-guava-3.19+ds/debian/patches/0001-desauto-initialize-the-comment-array-to-a-sensible-v.patch 1970-01-01 01:00:00.000000000 +0100
+++ gap-guava-3.19+ds/debian/patches/0001-desauto-initialize-the-comment-array-to-a-sensible-v.patch 2024-08-21 12:58:45.000000000 +0200
@@ -0,0 +1,44 @@
+From 3d6cdfdaed734159a7fa3d272a3b2ba6f74df4b6 Mon Sep 17 00:00:00 2001
+From: Simon Chopin <simon.chopin at canonical.com>
+Date: Wed, 21 Aug 2024 10:42:56 +0000
+Subject: [PATCH] desauto: initialize the comment array to a sensible value
+
+If left uninitialized, the comment array is passed down to client code
+without being even written to, which means it contains whatever happens
+to be on the stack whenever the frame for `main` is created. Recent
+changes to glibc start code have changed said content, and the new one
+happens to break the test suite when propagated into some temporary
+files that are then fed to the main leonconv binary.
+
+That explains why using ThreadSanitizer "fixes" the test suite:
+presumably, the runtime initialization code happens to write in that
+aread of the stack and changes yet again the contents of the comment
+array, which happens to suit whatever expectations are in leonconv.
+
+Fixes #98
+
+Bug: https://github.com/gap-packages/guava/issues/98
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/2077414
+Forwarded: yes, https://github.com/gap-packages/guava/pull/99
+---
+ src/leon/src/desauto.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/leon/src/desauto.c b/src/leon/src/desauto.c
+index 13c7a80..d4efae3 100644
+--- a/src/leon/src/desauto.c
++++ b/src/leon/src/desauto.c
+@@ -202,7 +202,7 @@ int main( int argc, char *argv[])
+ char tempArg[8];
+ enum { DESIGN_AUTO, DESIGN_ISO, MATRIX_AUTO, MATRIX_ISO, CODE_AUTO,
+ CODE_ISO} computationType = DESIGN_AUTO;
+- char comment[1024];
++ char comment[1024] = "";
+
+ /* Check whether the first parameters are iso, code, or matrix.
+ Set the computation type. */
+
+base-commit: 6824a6b57b515e0dbdd202eecd780948d2828726
+--
+2.45.2
+
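Review bot: in the desauto.c change, `char tempArg[8];` three lines above the fixed declaration is still left uninitialized. Since the commit message attributes the failure to `comment` being read before any write, it is worth confirming that `tempArg` is always written before use, or giving it the same `= ""` initializer. The message would also be easier to verify if it named the code path on which `comment` is never assigned. The `= ""` initializer itself zero-fills all 1024 bytes, so a consumer that copies the whole buffer sees only NUL bytes after this change.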
diff -Nru gap-guava-3.19+ds/debian/patches/series gap-guava-3.19+ds/debian/patches/series
--- gap-guava-3.19+ds/debian/patches/series 2022-09-10 13:59:09.000000000 +0200
+++ gap-guava-3.19+ds/debian/patches/series 2024-08-21 13:00:25.000000000 +0200
@@ -1 +1,2 @@
debianization.patch
+0001-desauto-initialize-the-comment-array-to-a-sensible-v.patch
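Review bot: the new series entry keeps the `0001-` prefix and the truncated subject (`...-to-a-sensible-v.patch`) produced by `git format-patch`. A short descriptive name, for example `desauto-init-comment.patch`, would read better next to `debianization.patch` and would not imply a numbering that the series file already defines by line order.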