Bug#1016256: bctoolbox: FTBFS: port.c:1500:49: error: pointer ‘result’ may be used after ‘realloc’ [-Werror=use-after-free]
Lucas Nussbaum
lucas at debian.org
Fri Jul 29 17:20:01 BST 2022
Source: bctoolbox
Version: 4.4.13-3
Severity: serious
Justification: FTBFS
Tags: bookworm sid ftbfs
User: lucas at debian.org
Usertags: ftbfs-20220728 ftbfs-bookworm
Hi,
During a rebuild of all packages in sid, your package failed to build
on amd64.
Relevant part (hopefully):
> cd /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/src && /usr/bin/cc -DHAVE_CONFIG_H -I/<<PKGBUILDDIR>>/include -I/<<PKGBUILDDIR>>/src -I/<<PKGBUILDDIR>>/obj-x86_64-linux-gnu -g -O2 -ffile-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -Wuninitialized -Wno-error=pragmas -Werror -Wextra -Wno-unused-parameter -Wno-error=unknown-pragmas -Wuninitialized -Wno-missing-field-initializers -fno-strict-aliasing -Wno-error=deprecated -Wno-error=deprecated-declarations -Werror -Wstrict-prototypes -MD -MT src/CMakeFiles/bctoolbox-static.dir/vfs.c.o -MF CMakeFiles/bctoolbox-static.dir/vfs.c.o.d -o CMakeFiles/bctoolbox-static.dir/vfs.c.o -c /<<PKGBUILDDIR>>/src/vfs.c
> /<<PKGBUILDDIR>>/src/utils/port.c:1500:49: error: pointer ‘result’ may be used after ‘realloc’ [-Werror=use-after-free]
> 1500 | wp = newp + (wp - result);
> | ~~~~^~~~~~~~~
> /<<PKGBUILDDIR>>/src/utils/port.c:1494:49: note: call to ‘realloc’ here
> 1494 | newp = (char *) realloc (result, allocated);
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~
> [ 50%] Building CXX object src/CMakeFiles/bctoolbox.dir/containers/map.cc.o
> cd /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/src && /usr/bin/c++ -DHAVE_CONFIG_H -Dbctoolbox_EXPORTS -I/<<PKGBUILDDIR>>/include -I/<<PKGBUILDDIR>>/src -I/<<PKGBUILDDIR>>/obj-x86_64-linux-gnu -g -O2 -ffile-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -std=c++11 -Wall -Wuninitialized -Wno-error=pragmas -Werror -Wextra -Wno-unused-parameter -Wno-error=unknown-pragmas -Wuninitialized -Wno-missing-field-initializers -fno-strict-aliasing -Wno-error=deprecated -Wno-error=deprecated-declarations -MD -MT src/CMakeFiles/bctoolbox.dir/containers/map.cc.o -MF CMakeFiles/bctoolbox.dir/containers/map.cc.o.d -o CMakeFiles/bctoolbox.dir/containers/map.cc.o -c /<<PKGBUILDDIR>>/src/containers/map.cc
> [ 56%] Building C object src/CMakeFiles/bctoolbox-static.dir/crypto/crypto.c.o
> [ 56%] Building CXX object src/CMakeFiles/bctoolbox.dir/conversion/charconv_encoding.cc.o
> cd /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/src && /usr/bin/cc -DHAVE_CONFIG_H -I/<<PKGBUILDDIR>>/include -I/<<PKGBUILDDIR>>/src -I/<<PKGBUILDDIR>>/obj-x86_64-linux-gnu -g -O2 -ffile-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -Wuninitialized -Wno-error=pragmas -Werror -Wextra -Wno-unused-parameter -Wno-error=unknown-pragmas -Wuninitialized -Wno-missing-field-initializers -fno-strict-aliasing -Wno-error=deprecated -Wno-error=deprecated-declarations -Werror -Wstrict-prototypes -MD -MT src/CMakeFiles/bctoolbox-static.dir/crypto/crypto.c.o -MF CMakeFiles/bctoolbox-static.dir/crypto/crypto.c.o.d -o CMakeFiles/bctoolbox-static.dir/crypto/crypto.c.o -c /<<PKGBUILDDIR>>/src/crypto/crypto.c
> cd /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/src && /usr/bin/c++ -DHAVE_CONFIG_H -Dbctoolbox_EXPORTS -I/<<PKGBUILDDIR>>/include -I/<<PKGBUILDDIR>>/src -I/<<PKGBUILDDIR>>/obj-x86_64-linux-gnu -g -O2 -ffile-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -std=c++11 -Wall -Wuninitialized -Wno-error=pragmas -Werror -Wextra -Wno-unused-parameter -Wno-error=unknown-pragmas -Wuninitialized -Wno-missing-field-initializers -fno-strict-aliasing -Wno-error=deprecated -Wno-error=deprecated-declarations -MD -MT src/CMakeFiles/bctoolbox.dir/conversion/charconv_encoding.cc.o -MF CMakeFiles/bctoolbox.dir/conversion/charconv_encoding.cc.o.d -o CMakeFiles/bctoolbox.dir/conversion/charconv_encoding.cc.o -c /<<PKGBUILDDIR>>/src/conversion/charconv_encoding.cc
> /<<PKGBUILDDIR>>/src/utils/port.c: In function ‘bctbx_concat’:
> /<<PKGBUILDDIR>>/src/utils/port.c:1500:49: error: pointer ‘result’ may be used after ‘realloc’ [-Werror=use-after-free]
> 1500 | wp = newp + (wp - result);
> | ~~~~^~~~~~~~~
> /<<PKGBUILDDIR>>/src/utils/port.c:1494:49: note: call to ‘realloc’ here
> 1494 | newp = (char *) realloc (result, allocated);
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~
> /<<PKGBUILDDIR>>/src/crypto/mbedtls.c: In function ‘bctbx_x509_certificate_get_fingerprint’:
> /<<PKGBUILDDIR>>/src/crypto/mbedtls.c:452:25: warning: ‘mbedtls_sha1’ is deprecated [-Wdeprecated-declarations]
> 452 | mbedtls_sha1(crt->raw.p, crt->raw.len, buffer);
> | ^~~~~~~~~~~~
> In file included from /<<PKGBUILDDIR>>/src/crypto/mbedtls.c:37:
> /usr/include/mbedtls/sha1.h:324:25: note: declared here
> 324 | MBEDTLS_DEPRECATED void mbedtls_sha1( const unsigned char *input,
> | ^~~~~~~~~~~~
> /<<PKGBUILDDIR>>/src/crypto/mbedtls.c:458:25: warning: ‘mbedtls_sha256’ is deprecated [-Wdeprecated-declarations]
> 458 | mbedtls_sha256(crt->raw.p, crt->raw.len, buffer, 1); /* last argument is a boolean, indicate to output sha-224 and not sha-256 */
> | ^~~~~~~~~~~~~~
> In file included from /<<PKGBUILDDIR>>/src/crypto/mbedtls.c:38:
> /usr/include/mbedtls/sha256.h:276:25: note: declared here
> 276 | MBEDTLS_DEPRECATED void mbedtls_sha256( const unsigned char *input,
> | ^~~~~~~~~~~~~~
> /<<PKGBUILDDIR>>/src/crypto/mbedtls.c:464:25: warning: ‘mbedtls_sha256’ is deprecated [-Wdeprecated-declarations]
> 464 | mbedtls_sha256(crt->raw.p, crt->raw.len, buffer, 0);
> | ^~~~~~~~~~~~~~
> /usr/include/mbedtls/sha256.h:276:25: note: declared here
> 276 | MBEDTLS_DEPRECATED void mbedtls_sha256( const unsigned char *input,
> | ^~~~~~~~~~~~~~
> /<<PKGBUILDDIR>>/src/crypto/mbedtls.c:470:25: warning: ‘mbedtls_sha512’ is deprecated [-Wdeprecated-declarations]
> 470 | mbedtls_sha512(crt->raw.p, crt->raw.len, buffer, 1); /* last argument is a boolean, indicate to output sha-384 and not sha-512 */
> | ^~~~~~~~~~~~~~
> In file included from /usr/include/mbedtls/entropy.h:34,
> from /<<PKGBUILDDIR>>/src/crypto/mbedtls.c:34:
> /usr/include/mbedtls/sha512.h:293:25: note: declared here
> 293 | MBEDTLS_DEPRECATED void mbedtls_sha512( const unsigned char *input,
> | ^~~~~~~~~~~~~~
> /<<PKGBUILDDIR>>/src/crypto/mbedtls.c:476:25: warning: ‘mbedtls_sha512’ is deprecated [-Wdeprecated-declarations]
> 476 | mbedtls_sha512(crt->raw.p, crt->raw.len, buffer, 0); /* last argument is a boolean, indicate to output sha-384 and not sha-512 */
> | ^~~~~~~~~~~~~~
> /usr/include/mbedtls/sha512.h:293:25: note: declared here
> 293 | MBEDTLS_DEPRECATED void mbedtls_sha512( const unsigned char *input,
> | ^~~~~~~~~~~~~~
> /<<PKGBUILDDIR>>/src/crypto/mbedtls.c: In function ‘bctbx_CreateDHMContext’:
> /<<PKGBUILDDIR>>/src/crypto/mbedtls.c:736:25: warning: ‘mbedtls_deprecated_string_constant_t’ is deprecated [-Wdeprecated-declarations]
> 736 | if ((mbedtls_mpi_read_string(&(mbedtlsDhmContext->P), 16, MBEDTLS_DHM_RFC3526_MODP_2048_P) != 0) ||
> | ^~
> /<<PKGBUILDDIR>>/src/crypto/mbedtls.c:737:25: warning: ‘mbedtls_deprecated_string_constant_t’ is deprecated [-Wdeprecated-declarations]
> 737 | (mbedtls_mpi_read_string(&(mbedtlsDhmContext->G), 16, MBEDTLS_DHM_RFC3526_MODP_2048_G) != 0)) {
> | ^
> /<<PKGBUILDDIR>>/src/crypto/mbedtls.c:745:25: warning: ‘mbedtls_deprecated_string_constant_t’ is deprecated [-Wdeprecated-declarations]
> 745 | if ((mbedtls_mpi_read_string(&(mbedtlsDhmContext->P), 16, MBEDTLS_DHM_RFC3526_MODP_3072_P) != 0) ||
> | ^~
> /<<PKGBUILDDIR>>/src/crypto/mbedtls.c:746:25: warning: ‘mbedtls_deprecated_string_constant_t’ is deprecated [-Wdeprecated-declarations]
> 746 | (mbedtls_mpi_read_string(&(mbedtlsDhmContext->G), 16, MBEDTLS_DHM_RFC3526_MODP_3072_G) != 0)) {
> | ^
> /<<PKGBUILDDIR>>/src/crypto/mbedtls.c: In function ‘bctbx_sha512’:
> /<<PKGBUILDDIR>>/src/crypto/mbedtls.c:1489:9: warning: ‘mbedtls_sha512’ is deprecated [-Wdeprecated-declarations]
> 1489 | mbedtls_sha512(input, inputLength, hashOutput, 0); /* last param to zero to select SHA512 and not SHA384 */
> | ^~~~~~~~~~~~~~
> /usr/include/mbedtls/sha512.h:293:25: note: declared here
> 293 | MBEDTLS_DEPRECATED void mbedtls_sha512( const unsigned char *input,
> | ^~~~~~~~~~~~~~
> /<<PKGBUILDDIR>>/src/crypto/mbedtls.c: In function ‘bctbx_sha384’:
> /<<PKGBUILDDIR>>/src/crypto/mbedtls.c:1513:9: warning: ‘mbedtls_sha512’ is deprecated [-Wdeprecated-declarations]
> 1513 | mbedtls_sha512(input, inputLength, hashOutput, 1); /* last param to one to select SHA384 and not SHA512 */
> | ^~~~~~~~~~~~~~
> /usr/include/mbedtls/sha512.h:293:25: note: declared here
> 293 | MBEDTLS_DEPRECATED void mbedtls_sha512( const unsigned char *input,
> | ^~~~~~~~~~~~~~
> /<<PKGBUILDDIR>>/src/crypto/mbedtls.c: In function ‘bctbx_sha256’:
> /<<PKGBUILDDIR>>/src/crypto/mbedtls.c:1537:9: warning: ‘mbedtls_sha256’ is deprecated [-Wdeprecated-declarations]
> 1537 | mbedtls_sha256(input, inputLength, hashOutput, 0); /* last param to zero to select SHA256 and not SHA224 */
> | ^~~~~~~~~~~~~~
> /usr/include/mbedtls/sha256.h:276:25: note: declared here
> 276 | MBEDTLS_DEPRECATED void mbedtls_sha256( const unsigned char *input,
> | ^~~~~~~~~~~~~~
> /<<PKGBUILDDIR>>/src/crypto/mbedtls.c: In function ‘bctbx_md5’:
> /<<PKGBUILDDIR>>/src/crypto/mbedtls.c:1588:9: warning: ‘mbedtls_md5’ is deprecated [-Wdeprecated-declarations]
> 1588 | mbedtls_md5(input, inputLength, output);
> | ^~~~~~~~~~~
> In file included from /<<PKGBUILDDIR>>/src/crypto/mbedtls.c:36:
> /usr/include/mbedtls/md5.h:283:25: note: declared here
> 283 | MBEDTLS_DEPRECATED void mbedtls_md5( const unsigned char *input,
> | ^~~~~~~~~~~
> [ 60%] Building C object src/CMakeFiles/bctoolbox-static.dir/crypto/mbedtls.c.o
> cd /<<PKGBUILDDIR>>/obj-x86_64-linux-gnu/src && /usr/bin/cc -DHAVE_CONFIG_H -I/<<PKGBUILDDIR>>/include -I/<<PKGBUILDDIR>>/src -I/<<PKGBUILDDIR>>/obj-x86_64-linux-gnu -g -O2 -ffile-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -Wuninitialized -Wno-error=pragmas -Werror -Wextra -Wno-unused-parameter -Wno-error=unknown-pragmas -Wuninitialized -Wno-missing-field-initializers -fno-strict-aliasing -Wno-error=deprecated -Wno-error=deprecated-declarations -Werror -Wstrict-prototypes -MD -MT src/CMakeFiles/bctoolbox-static.dir/crypto/mbedtls.c.o -MF CMakeFiles/bctoolbox-static.dir/crypto/mbedtls.c.o.d -o CMakeFiles/bctoolbox-static.dir/crypto/mbedtls.c.o -c /<<PKGBUILDDIR>>/src/crypto/mbedtls.c
> cc1: all warnings being treated as errors
> make[3]: *** [src/CMakeFiles/bctoolbox.dir/build.make:121: src/CMakeFiles/bctoolbox.dir/utils/port.c.o] Error 1
The full build log is available from:
http://qa-logs.debian.net/2022/07/28/bctoolbox_4.4.13-3_unstable.log
All bugs filed during this archive rebuild are listed at:
https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=ftbfs-20220728;users=lucas@debian.org
or:
https://udd.debian.org/bugs/?release=na&merged=ign&fnewerval=7&flastmodval=7&fusertag=only&fusertagtag=ftbfs-20220728&fusertaguser=lucas@debian.org&allbugs=1&cseverity=1&ctags=1&caffected=1#results
A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!
If you reassign this bug to another package, please marking it as 'affects'-ing
this package. See https://www.debian.org/Bugs/server-control#affects
If you fail to reproduce this, please provide a build log and diff it with mine
so that we can identify if something relevant changed in the meantime.
More information about the Pkg-voip-maintainers
mailing list