Bug 1255079
Summary: | pkcon - can not confirm installation/removing component | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Ladislav Kolacek <lkolacek> | ||||
Component: | PackageKit | Assignee: | Richard Hughes <rhughes> | ||||
Status: | CLOSED ERRATA | QA Contact: | Desktop QE <desktop-qa-list> | ||||
Severity: | urgent | Docs Contact: | |||||
Priority: | urgent | ||||||
Version: | 7.2 | CC: | ashankar, codonell, lkolacek, mcepl, mclasen, mnewsome, pfrankli, richard, tpelka, vbenes | ||||
Target Milestone: | rc | ||||||
Target Release: | --- | ||||||
Hardware: | ppc64 | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | PackageKit-1.0.7-6.el7 | Doc Type: | Bug Fix | ||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2016-11-04 06:20:00 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | |||||||
Bug Blocks: | 1295396, 1297830, 1313485 | ||||||
Attachments: |
|
Description
Ladislav Kolacek
2015-08-19 14:47:30 UTC
We're using the same unbuffered input code as PolicyKit, polkitagenttextlistener.c -- I'm guessing that experiences the same bug on ppc64? I assume you can't reproduce this on any other architecture? If termios.h isn't working, this points to a bigger bug with glibc. Reassigning.... Created attachment 1129774 [details]
test case
Richard, Awesome test case. That's exactly what we need. The code you posted is BE-unsafe, and ppc64 is a BE target. 44 gint c; 45 c = getc (tty); This stores the value read from the tty in BE to an integer sized object. 46 if (c == '\n') { 47 /* ok, done */ 48 break; 49 } else if (c == EOF) { 50 g_warning ("Got unexpected EOF."); 51 break; 52 } else { 53 g_string_append_len (str, (const gchar *) &c, 1); The '&c' points to start of the integer sized object, which has a value of 0x0 for a character sized object e.g. { &c->[0x0], 0x0, 0x0, 0x59 'Y' }. This makes the code BE-unsafe. To fix this requires a type conversion. You need to do this: gchar gc = (gchar) c; g_string_append_len (str, (const gchar *) &gc, 1); Knowing that `c` won't have a value of EOF, you can safely cast it to a gchar and convert the value (potentially loosing the value of the EOF, but you already checked for it earlier). Then the address of `gc` will point to the valid character value. This is a somewhat classic BE-unsafe thing to do, which works fine on LE targets like x86_64 e.g. { &c->[0x59], 0x0, 0x0, 0x0}. This should also work fine on ppc64le. You should audit your code for BE-unsafe operations like this since ppc64 is not going away any time soon. Hi Carlos -- thanks for the detailed report, I learned a lesson today. Thanks! Is this sort of BE-unsafe casting not getting flagged by compiler warnings or coverity checks ? PolicyKit has the same bug so I filed it here: https://bugzilla.redhat.com/show_bug.cgi?id=1311648 commit 710a9445777793e49160587882860cbb7b43e311 Author: Richard Hughes <richard> Date: Mon May 16 15:27:35 2016 +0100 Make pk_console_get_prompt() big endian safe Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1255079 I could remove and reinstall gpm-libs just with pkcon. Confirmation dialog works. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-2425.html |