Bug 1582024 - There is an invalid free in compileFile in compileTranslationTable.c.
Summary: There is an invalid free in compileFile in compileTranslationTable.c.
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: liblouis
Version: 7.5-Alt
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
Assignee: David King
QA Contact: Desktop QE
Reported: 2018-05-24 01:28 UTC by c1208828
Modified: 2021-02-15 07:38 UTC (History)

Last Closed: 2021-02-15 07:38:58 UTC


Attachments:
Triggered by ./lou_checktable POC (4.82 KB, application/octet-stream), 2018-05-24 01:28 UTC, c1208828
proposed fix (1.04 KB, patch), 2018-05-24 22:49 UTC, Samuel Thibault

Description c1208828 2018-05-24 01:28:17 UTC
Created attachment 1440912 [details]
Triggered by ./lou_checktable POC

Description of problem:


Version-Release number of selected component (if applicable):
3.5.0

How reproducible:
./lou_checktable POC

Steps to Reproduce:
The output information is as follows:
POC:1: error: opcode 'mma' not defined.
POC:2: warning: invalid UTF-8. Assuming Latin-1.
POC:2: warning: invalid UTF-8. Assuming Latin-1.
POC:2: warning: invalid UTF-8. Assuming Latin-1.
POC:2: warning: invalid UTF-8. Assuming Latin-1.
POC:2: warning: invalid UTF-8. Assuming Latin-1.
POC:2: error: characters not specified.
POC:2: error: Dots operand not specified.
POC:3: warning: invalid UTF-8. Assuming Latin-1.
POC:3: warning: invalid UTF-8. Assuming Latin-1.
POC:3: warning: invalid UTF-8. Assuming Latin-1.
POC:3: warning: invalid UTF-8. Assuming Latin-1.
POC:3: warning: invalid UTF-8. Assuming Latin-1.
POC:3: error: Characters operand not specified.
POC:3: error: characters not specified.
POC:3: error: Dots operand not specified.
POC:4: error: characters not specified.
POC:4: error: Dots operand not specified.
POC:5: warning: invalid UTF-8. Assuming Latin-1.
POC:5: warning: invalid UTF-8. Assuming Latin-1.
POC:5: warning: invalid UTF-8. Assuming Latin-1.
POC:5: warning: invalid UTF-8. Assuming Latin-1.
POC:5: warning: invalid UTF-8. Assuming Latin-1.
POC:5: warning: invalid UTF-8. Assuming Latin-1.
POC:5: warning: invalid UTF-8. Assuming Latin-1.
POC:5: warning: invalid UTF-8. Assuming Latin-1.
POC:5: warning: invalid UTF-8. Assuming Latin-1.
POC:5: warning: invalid UTF-8. Assuming Latin-1.
POC:5: warning: invalid UTF-8. Assuming Latin-1.
POC:5: warning: invalid UTF-8. Assuming Latin-1.
POC:5: warning: invalid UTF-8. Assuming Latin-1.
POC:5: warning: invalid UTF-8. Assuming Latin-1.
POC:5: error: Dots operand not specified.
POC:6: warning: invalid UTF-8. Assuming Latin-1.
POC:6: warning: invalid UTF-8. Assuming Latin-1.
POC:6: warning: invalid UTF-8. Assuming Latin-1.
POC:6: warning: invalid UTF-8. Assuming Latin-1.
POC:6: warning: invalid UTF-8. Assuming Latin-1.
POC:6: warning: invalid UTF-8. Assuming Latin-1.
POC:6: warning: invalid UTF-8. Assuming Latin-1.
POC:6: warning: invalid UTF-8. Assuming Latin-1.
POC:6: warning: invalid UTF-8. Assuming Latin-1.
POC:6: warning: invalid UTF-8. Assuming Latin-1.
POC:6: error: invalid dot number '\x00a1'.
POC:7: warning: invalid UTF-8. Assuming Latin-1.
POC:7: warning: invalid UTF-8. Assuming Latin-1.
POC:7: warning: invalid UTF-8. Assuming Latin-1.
POC:7: warning: invalid UTF-8. Assuming Latin-1.
POC:7: warning: invalid UTF-8. Assuming Latin-1.
POC:7: error: Characters operand not specified.
POC:7: error: characters not specified.
POC:7: error: Dots operand not specified.
POC:8: error: opcode 'mma' not defined.
POC:9: error: opcode 'matc\x00a9a' not defined.
POC:10: warning: invalid UTF-8. Assuming Latin-1.
POC:10: warning: invalid UTF-8. Assuming Latin-1.
POC:10: warning: invalid UTF-8. Assuming Latin-1.
POC:10: warning: invalid UTF-8. Assuming Latin-1.
POC:10: warning: invalid UTF-8. Assuming Latin-1.
POC:10: error: characters not specified.
POC:10: error: Dots operand not specified.
POC:11: warning: invalid UTF-8. Assuming Latin-1.
POC:11: warning: invalid UTF-8. Assuming Latin-1.
POC:11: warning: invalid UTF-8. Assuming Latin-1.
POC:11: warning: invalid UTF-8. Assuming Latin-1.
POC:11: warning: invalid UTF-8. Assuming Latin-1.
POC:11: error: invalid dot number '@'.
POC:12: warning: invalid UTF-8. Assuming Latin-1.
POC:12: warning: invalid UTF-8. Assuming Latin-1.
POC:12: warning: invalid UTF-8. Assuming Latin-1.
POC:12: warning: invalid UTF-8. Assuming Latin-1.
POC:12: warning: invalid UTF-8. Assuming Latin-1.
POC:12: warning: invalid UTF-8. Assuming Latin-1.
POC:12: warning: invalid UTF-8. Assuming Latin-1.
POC:12: warning: invalid UTF-8. Assuming Latin-1.
POC:12: warning: invalid UTF-8. Assuming Latin-1.
POC:12: warning: invalid UTF-8. Assuming Latin-1.
POC:12: error: Dots operand not specified.
POC:13: warning: invalid UTF-8. Assuming Latin-1.
POC:13: warning: invalid UTF-8. Assuming Latin-1.
POC:13: warning: invalid UTF-8. Assuming Latin-1.
POC:13: warning: invalid UTF-8. Assuming Latin-1.
POC:13: warning: invalid UTF-8. Assuming Latin-1.
POC:13: error: Characters operand not specified.
POC:13: error: characters not specified.
POC:13: error: Dots operand not specified.
POC:14: error: opcode 'm_a' not defined.
POC:15: error: opcode 'matJh' not defined.
POC:16: warning: invalid UTF-8. Assuming Latin-1.
POC:16: warning: invalid UTF-8. Assuming Latin-1.
POC:16: warning: invalid UTF-8. Assuming Latin-1.
POC:16: warning: invalid UTF-8. Assuming Latin-1.
POC:16: warning: invalid UTF-8. Assuming Latin-1.
POC:16: error: Characters operand not specified.
POC:16: error: characters not specified.
POC:16: error: Dots operand not specified.
POC:17: error: opcode 'm' not defined.
POC:18: warning: invalid UTF-8. Assuming Latin-1.
POC:18: warning: invalid UTF-8. Assuming Latin-1.
POC:18: warning: invalid UTF-8. Assuming Latin-1.
POC:18: warning: invalid UTF-8. Assuming Latin-1.
POC:18: warning: invalid UTF-8. Assuming Latin-1.
POC:18: warning: invalid UTF-8. Assuming Latin-1.
POC:18: warning: invalid UTF-8. Assuming Latin-1.
POC:18: warning: invalid UTF-8. Assuming Latin-1.
POC:18: warning: invalid UTF-8. Assuming Latin-1.
POC:18: warning: invalid UTF-8. Assuming Latin-1.
POC:18: error: Dots operand not specified.
POC:19: warning: invalid UTF-8. Assuming Latin-1.
POC:19: warning: invalid UTF-8. Assuming Latin-1.
POC:19: warning: invalid UTF-8. Assuming Latin-1.
POC:19: warning: invalid UTF-8. Assuming Latin-1.
POC:19: warning: invalid UTF-8. Assuming Latin-1.
POC:19: error: Characters operand not specified.
POC:19: error: characters not specified.
POC:19: error: Dots operand not specified.
POC:20: error: opcode 'mma' not defined.
POC:21: warning: invalid UTF-8. Assuming Latin-1.
POC:21: warning: invalid UTF-8. Assuming Latin-1.
POC:21: warning: invalid UTF-8. Assuming Latin-1.
POC:21: warning: invalid UTF-8. Assuming Latin-1.
POC:21: warning: invalid UTF-8. Assuming Latin-1.
POC:21: warning: invalid UTF-8. Assuming Latin-1.
POC:21: warning: invalid UTF-8. Assuming Latin-1.
POC:21: warning: invalid UTF-8. Assuming Latin-1.
POC:21: warning: invalid UTF-8. Assuming Latin-1.
POC:21: warning: invalid UTF-8. Assuming Latin-1.
POC:21: warning: invalid UTF-8. Assuming Latin-1.
POC:21: warning: invalid UTF-8. Assuming Latin-1.
POC:21: warning: invalid UTF-8. Assuming Latin-1.
POC:21: warning: invalid UTF-8. Assuming Latin-1.
POC:21: warning: invalid UTF-8. Assuming Latin-1.
POC:21: warning: invalid UTF-8. Assuming Latin-1.
POC:21: error: invalid dot number '!'.
POC:22: error: opcode '\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00bd\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00c3\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00a2\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa\x00aa' not defined.
POC:23: warning: invalid UTF-8. Assuming Latin-1.
POC:23: warning: invalid UTF-8. Assuming Latin-1.
POC:23: warning: invalid UTF-8. Assuming Latin-1.
POC:23: warning: invalid UTF-8. Assuming Latin-1.
POC:23: warning: invalid UTF-8. Assuming Latin-1.
POC:23: error: Characters operand not specified.
POC:23: error: characters not specified.
POC:23: error: Dots operand not specified.
*** Error in `./lou_checktable': free(): invalid next size (normal): 0x0000000001b79e30 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x777e5)[0x7f215f28e7e5]
/lib/x86_64-linux-gnu/libc.so.6(+0x8037a)[0x7f215f29737a]
/lib/x86_64-linux-gnu/libc.so.6(cfree+0x4c)[0x7f215f29b53c]
./lou_checktable[0x444050]
./lou_checktable[0x459c31]
./lou_checktable[0x45f062]
./lou_checktable[0x407ca0]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf0)[0x7f215f237830]
./lou_checktable[0x407e39]
Aborted (core dumped)

GDB debugging information is as follows:

(gdb) set args POC
(gdb) r

*** Error in `/home/afl/modify/afl-2.39b/eval/checktable/avg/crashes/lou_checktable': free(): invalid next size (normal): 0x00000000006a0e30 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x777e5)[0x7ffff7a847e5]
/lib/x86_64-linux-gnu/libc.so.6(+0x8037a)[0x7ffff7a8d37a]
/lib/x86_64-linux-gnu/libc.so.6(cfree+0x4c)[0x7ffff7a9153c]
/home/afl/modify/afl-2.39b/eval/checktable/avg/crashes/lou_checktable[0x444050]
/home/afl/modify/afl-2.39b/eval/checktable/avg/crashes/lou_checktable[0x459c31]
/home/afl/modify/afl-2.39b/eval/checktable/avg/crashes/lou_checktable[0x45f062]
/home/afl/modify/afl-2.39b/eval/checktable/avg/crashes/lou_checktable[0x407ca0]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf0)[0x7ffff7a2d830]
/home/afl/modify/afl-2.39b/eval/checktable/avg/crashes/lou_checktable[0x407e39]

Program received signal SIGABRT, Aborted.
0x00007ffff7a42428 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
54	../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0  0x00007ffff7a42428 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
#1  0x00007ffff7a4402a in __GI_abort () at abort.c:89
#2  0x00007ffff7a847ea in __libc_message (do_abort=do_abort@entry=2, 
    fmt=fmt@entry=0x7ffff7b9ded8 "*** Error in `%s': %s: 0x%s ***\n") at ../sysdeps/posix/libc_fatal.c:175
#3  0x00007ffff7a8d37a in malloc_printerr (ar_ptr=<optimized out>, ptr=<optimized out>, 
    str=0x7ffff7b9e030 "free(): invalid next size (normal)", action=3) at malloc.c:5006
#4  _int_free (av=<optimized out>, p=<optimized out>, have_lock=0) at malloc.c:3867
#5  0x00007ffff7a9153c in __GI___libc_free (mem=<optimized out>) at malloc.c:2968
#6  0x0000000000444050 in compileRule (nested=nested@entry=0x7fffffffd2b0, table=table@entry=0x7fffffffe330, 
    ruleNames=0x68dc80 <gRuleNames>, newRule=0x68dc88 <gNewRule>, newRuleOffset=0x68dc90 <gNewRuleOffset>, 
    opcodeLengths=0x68dca0 <gOpcodeLengths>, characterClassAttribute=0x68dd80 <gCharacterClassAttribute>, 
    characterClasses=0x68dd88 <gCharacterClasses>) at compileTranslationTable.c:4186
#7  0x0000000000459c31 in compileFile (fileName=<optimized out>, table=table@entry=0x7fffffffe330, 
    ruleNames=0x68dc80 <gRuleNames>, newRule=0x68dc88 <gNewRule>, newRuleOffset=0x68dc90 <gNewRuleOffset>, 
    opcodeLengths=0x68dca0 <gOpcodeLengths>, characterClassAttribute=0x68dd80 <gCharacterClassAttribute>, 
    characterClasses=0x68dd88 <gCharacterClasses>) at compileTranslationTable.c:4501
#8  0x000000000045f062 in compileTranslationTable (characterClasses=0x68dd88 <gCharacterClasses>, 
    characterClassAttribute=0x68dd80 <gCharacterClassAttribute>, opcodeLengths=0x68dca0 <gOpcodeLengths>, 
    newRuleOffset=0x68dc90 <gNewRuleOffset>, newRule=0x68dc88 <gNewRule>, ruleNames=0x68dc80 <gRuleNames>, 
    tableList=0x7fffffffe702 "POC") at compileTranslationTable.c:4606
#9  lou_getTable (tableList=0x7fffffffe702 "POC") at compileTranslationTable.c:4691
#10 0x0000000000407ca0 in main (argc=2, argv=0x7fffffffe478) at lou_checktable.c:112

(gdb) l
4181			compileError(nested, "unimplemented opcode.");
4182			ok = 0;
4183			break;
4184		}
4185	
4186		if (patterns != NULL) free(patterns);
4187	
4188		return ok;
4189	}
4190

Actual results:
crash

Expected results:
crash

Additional info:
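
The abort in the log above is raised by glibc's `free()`, which validates heap bookkeeping when a block is released, so `free(): invalid next size` at compileTranslationTable.c:4186 marks where corruption was noticed, while the write that caused it ran earlier. As an added example (not part of the original report and not liblouis code; `gbuf`, `cell_t` and all function names are hypothetical), this C program reproduces that detect-at-release behaviour with a guard word and shows a bounds-checked writer stopping the overrun at its source:

```c
/* Added illustration: a guard-word buffer that reports an overrun at release
 * time, the way glibc's free() did in the report. All names are hypothetical. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define GUARD_WORDS 4          /* slack cells placed after the usable area */
#define GUARD_VALUE 0xA5A5u    /* pattern that must survive until release */

typedef uint16_t cell_t;       /* stand-in for a 16-bit table cell (assumption) */

typedef struct {
    size_t capacity;           /* usable cells */
    cell_t *cells;             /* capacity + GUARD_WORDS cells are allocated */
} gbuf;

/* Allocate a buffer and plant the guard pattern behind the usable area. */
int gbuf_init(gbuf *b, size_t capacity) {
    b->cells = calloc(capacity + GUARD_WORDS, sizeof(cell_t));
    if (b->cells == NULL) return -1;
    b->capacity = capacity;
    for (size_t i = 0; i < GUARD_WORDS; i++)
        b->cells[capacity + i] = GUARD_VALUE;
    return 0;
}

/* Faulty writer: trusts the caller's index. It is clamped to the slack area
 * only so that this demo never leaves its own allocation. */
int gbuf_put_unchecked(gbuf *b, size_t idx, cell_t v) {
    if (idx >= b->capacity + GUARD_WORDS) return -1;
    b->cells[idx] = v;
    return 0;
}

/* Hardened writer: rejects any index outside the usable area. */
int gbuf_put_checked(gbuf *b, size_t idx, cell_t v) {
    if (idx >= b->capacity) return -1;
    b->cells[idx] = v;
    return 0;
}

/* Release the buffer. Returns 0 if the guard is intact, -1 if an earlier
 * write ran past the end. Detection happens here, not at the bad write. */
int gbuf_release(gbuf *b) {
    int status = 0;
    for (size_t i = 0; i < GUARD_WORDS; i++)
        if (b->cells[b->capacity + i] != GUARD_VALUE) status = -1;
    free(b->cells);
    b->cells = NULL;
    b->capacity = 0;
    return status;
}

/* Write `count` cells starting at index 0 with the chosen writer and return
 * the release status, so the caller sees where the overrun surfaces. */
int fill_and_release(size_t capacity, size_t count, int checked) {
    gbuf b;
    if (gbuf_init(&b, capacity) != 0) return -2;
    for (size_t i = 0; i < count; i++) {
        int rc = checked ? gbuf_put_checked(&b, i, 0x2801)
                         : gbuf_put_unchecked(&b, i, 0x2801);
        if (rc != 0) break;    /* the checked writer stops at the boundary */
    }
    return gbuf_release(&b);
}

int main(void) {
    printf("unchecked, 10 into 8: %d\n", fill_and_release(8, 10, 0));
    printf("checked,   10 into 8: %d\n", fill_and_release(8, 10, 1));
    printf("unchecked,  8 into 8: %d\n", fill_and_release(8, 8, 0));
    return 0;
}
```

On a real build, compiling with `-fsanitize=address -g` makes the run stop at the out-of-bounds write itself instead of at the later `free()`.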

Comment 2 Samuel Thibault 2018-05-24 22:49:36 UTC
Created attachment 1441285 [details]
proposed fix

I have raised the issue to upstream:

https://github.com/liblouis/liblouis/issues/573

and proposed the attached patch. Could you check whether you can build another POC against it?

Comment 3 c1208828 2018-05-25 14:04:09 UTC
The patch works well. Thanks!

Comment 6 RHEL Program Management 2021-02-15 07:38:58 UTC
After evaluating this issue, there are no plans to address it further or fix it in an upcoming release.  Therefore, it is being closed.  If plans change such that this issue will be fixed in an upcoming release, then the bug can be reopened.

