Description of problem:
Error in poc, please refer to the result section for details.

Version-Release number of selected component (if applicable):
gettext-0.19.8.1-18.fc30.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Clone https://github.com/CCCCCrash/POCs.git.
2. Run valgrind msgfmt poc command.
3. Observe the output.

Actual results:
[poyadav@localhost doublefree]$ valgrind msgfmt poc
==8072== Memcheck, a memory error detector
==8072== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==8072== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
==8072== Command: msgfmt poc
==8072==
==8072== Conditional jump or move depends on uninitialised value(s)
==8072==    at 0x48D9940: freea (in /usr/lib64/libgettextlib-0.19.8.1.so)
==8072==    by 0x487E8EA: po_lex_charset_set (in /usr/lib64/libgettextsrc-0.19.8.1.so)
==8072==    by 0x487E098: po_gram_parse (in /usr/lib64/libgettextsrc-0.19.8.1.so)
==8072==    by 0x487EB9A: ??? (in /usr/lib64/libgettextsrc-0.19.8.1.so)
==8072==    by 0x487A773: catalog_reader_parse (in /usr/lib64/libgettextsrc-0.19.8.1.so)
==8072==    by 0x10E7C7: ??? (in /usr/bin/msgfmt)
==8072==    by 0x10D8EB: ??? (in /usr/bin/msgfmt)
==8072==    by 0x4AABF32: (below main) (in /usr/lib64/libc-2.29.so)
==8072==
poc:17: duplicate message definition...
poc:16: ...this is the location of the first definition
poc:18:3: syntax error
poc:18: keyword "n" unknown
poc:19: end-of-line within string
poc:28: duplicate message definition...
poc:24: ...this is the location of the first definition
poc:35: keyword "msgud_plural" unknown
poc:34: missing 'msgstr' section
poc:35:13: syntax error
poc:40: end-of-line within string
poc:46: end-of-line within string
poc: warning: Charset missing in header.
Message conversion to user's charset will not work.
poc:42: duplicate message definition...
poc:6: ...this is the location of the first definition
poc:46:2: syntax error
poc:46: keyword "Ep" unknown
poc:47: keyword "C" unknown
poc:48: keyword "s" unknown
poc:49: keyword "bo" unknown
poc:50: keyword "S" unknown
poc:50:236: invalid control sequence
poc:50:397: invalid control sequence
poc:51: end-of-line within string
msgfmt: too many errors, aborting
==8072==
==8072== HEAP SUMMARY:
==8072==     in use at exit: 59,783 bytes in 123 blocks
==8072==   total heap usage: 547 allocs, 424 frees, 99,479 bytes allocated
==8072==
==8072== LEAK SUMMARY:
==8072==    definitely lost: 650 bytes in 82 blocks
==8072==    indirectly lost: 0 bytes in 0 blocks
==8072==      possibly lost: 0 bytes in 0 blocks
==8072==    still reachable: 59,133 bytes in 41 blocks
==8072==         suppressed: 0 bytes in 0 blocks
==8072== Rerun with --leak-check=full to see details of leaked memory
==8072==
==8072== Use --track-origins=yes to see where uninitialised values come from
==8072== For lists of detected and suppressed errors, rerun with: -s
==8072== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

Expected results:
No errors.

Additional info:

with gettext-0.20.1-3.fc31.x86_64

[suanand@localhost doublefree]$ valgrind msgfmt poc
==16488== Memcheck, a memory error detector
==16488== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==16488== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
==16488== Command: msgfmt poc
==16488==
poc:17: duplicate message definition...
poc:16: ...this is the location of the first definition
poc:18:3: syntax error
poc:18: keyword "n" unknown
poc:19: end-of-line within string
poc:28: duplicate message definition...
poc:24: ...this is the location of the first definition
poc:35: keyword "msgud_plural" unknown
poc:34: missing 'msgstr' section
poc:35:13: syntax error
poc:40: end-of-line within string
poc:46: end-of-line within string
poc: warning: Charset missing in header.
Message conversion to user's charset will not work.
poc:42: duplicate message definition...
poc:6: ...this is the location of the first definition
poc:46:2: syntax error
poc:46: keyword "Ep" unknown
poc:47: keyword "C" unknown
poc:48: keyword "s" unknown
poc:49: keyword "bo" unknown
poc:50: keyword "S" unknown
poc:50:236: invalid control sequence
poc:50:397: invalid control sequence
poc:51: end-of-line within string
msgfmt: too many errors, aborting
==16488==
==16488== HEAP SUMMARY:
==16488==     in use at exit: 59,727 bytes in 123 blocks
==16488==   total heap usage: 547 allocs, 424 frees, 99,367 bytes allocated
==16488==
==16488== LEAK SUMMARY:
==16488==    definitely lost: 650 bytes in 82 blocks
==16488==    indirectly lost: 0 bytes in 0 blocks
==16488==      possibly lost: 0 bytes in 0 blocks
==16488==    still reachable: 59,077 bytes in 41 blocks
==16488==         suppressed: 0 bytes in 0 blocks
==16488== Rerun with --leak-check=full to see details of leaked memory
==16488==
==16488== For lists of detected and suppressed errors, rerun with: -s
==16488== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)

Though we have msgfmt reporting errors and some memory leaks as well; valgrind says 0 errors for memory error!

(In reply to Sundeep Anand from comment #1)
> with gettext-0.20.1-3.fc31.x86_64
>
> [suanand@localhost doublefree]$ valgrind msgfmt poc
> ==16488== Memcheck, a memory error detector
> ==16488== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
> ==16488== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
> ==16488== Command: msgfmt poc
> ==16488==
> poc:17: duplicate message definition...
> poc:16: ...this is the location of the first definition
> poc:18:3: syntax error
> poc:18: keyword "n" unknown
> poc:19: end-of-line within string
> poc:28: duplicate message definition...
> poc:24: ...this is the location of the first definition
> poc:35: keyword "msgud_plural" unknown
> poc:34: missing 'msgstr' section
> poc:35:13: syntax error
> poc:40: end-of-line within string
> poc:46: end-of-line within string
> poc: warning: Charset missing in header.
> Message conversion to user's charset will not work.
> poc:42: duplicate message definition...
> poc:6: ...this is the location of the first definition
> poc:46:2: syntax error
> poc:46: keyword "Ep" unknown
> poc:47: keyword "C" unknown
> poc:48: keyword "s" unknown
> poc:49: keyword "bo" unknown
> poc:50: keyword "S" unknown
> poc:50:236: invalid control sequence
> poc:50:397: invalid control sequence
> poc:51: end-of-line within string
> msgfmt: too many errors, aborting
> ==16488==
> ==16488== HEAP SUMMARY:
> ==16488==     in use at exit: 59,727 bytes in 123 blocks
> ==16488==   total heap usage: 547 allocs, 424 frees, 99,367 bytes allocated
> ==16488==
> ==16488== LEAK SUMMARY:
> ==16488==    definitely lost: 650 bytes in 82 blocks
> ==16488==    indirectly lost: 0 bytes in 0 blocks
> ==16488==      possibly lost: 0 bytes in 0 blocks
> ==16488==    still reachable: 59,077 bytes in 41 blocks
> ==16488==         suppressed: 0 bytes in 0 blocks
> ==16488== Rerun with --leak-check=full to see details of leaked memory
> ==16488==
> ==16488== For lists of detected and suppressed errors, rerun with: -s
> ==16488== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
>
> Though we have msgfmt reporting errors and some memory leaks as well;
> valgrind says 0 errors for memory error!

Yes, correct with gettext-0.20.1-4.fc32.x86_64 also, valgrind says
ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)

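Added example (not part of the original report, and not code from gettext or Valgrind): the runs above differ in Memcheck's ERROR SUMMARY (1 error on 0.19.8.1, 0 on 0.20.1) while both show 650 bytes definitely lost, which the default leak summary does not count as an error. This shell script parses a saved Memcheck log into those fields so runs against different package versions can be compared; the function names are hypothetical and the two sample logs are constructed from lines quoted in this report.

```shell
# Added example: classify a Memcheck log read from stdin. Function names are
# hypothetical; the sample logs are constructed from lines quoted in this report.
memcheck_summary() {   # prints errors=N contexts=N definitely_lost=N uninit=N
    awk '
        !/^==[0-9]+== / { next }        # skip program output (no ==PID== prefix)
        { sub(/^==[0-9]+== +/, "") }    # drop the prefix; awk re-splits the fields
        /^ERROR SUMMARY:/   { errors = $3; contexts = $6 }
        /^definitely lost:/ { gsub(/,/, "", $3); lost = $3 }
        /^Conditional jump or move depends on uninitialised/ { uninit++ }
        END { printf "errors=%d contexts=%d definitely_lost=%d uninit=%d\n",
                     errors, contexts, lost, uninit }
    '
}

memcheck_verdict() {   # prints memory-error, leak-only or clean
    summary=$(memcheck_summary)
    errors=${summary#errors=}; errors=${errors%% *}
    lost=${summary##*definitely_lost=}; lost=${lost%% *}
    if [ "$errors" -gt 0 ]; then echo "memory-error"
    elif [ "$lost" -gt 0 ]; then echo "leak-only"   # not counted in ERROR SUMMARY
    else echo "clean"
    fi
}

sample_0_19() {   # constructed from the gettext-0.19.8.1 run
cat <<'EOF'
==8072== Conditional jump or move depends on uninitialised value(s)
==8072==    at 0x48D9940: freea (in /usr/lib64/libgettextlib-0.19.8.1.so)
poc:18:3: syntax error
msgfmt: too many errors, aborting
==8072==    definitely lost: 650 bytes in 82 blocks
==8072== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
EOF
}

sample_0_20() {   # constructed from the gettext-0.20.1 run
cat <<'EOF'
poc:18:3: syntax error
msgfmt: too many errors, aborting
==16488==    definitely lost: 650 bytes in 82 blocks
==16488== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
EOF
}

for s in sample_0_19 sample_0_20; do
    printf '%s: %s\n' "$s" "$("$s" | memcheck_verdict)"
done
```

On a real run, save the log with valgrind --log-file=memcheck.log msgfmt poc and feed that file to memcheck_verdict on stdin. Adding --track-origins=yes, as Memcheck's own output above suggests, reports where the uninitialised value came from.
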
This message is a reminder that Fedora 32 is nearing its end of life. Fedora will stop maintaining and issuing updates for Fedora 32 on 2021-05-25. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '32'.

Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 32 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged to change the 'version' to a later Fedora version prior to this bug being closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.

This bug appears to have been reported against 'rawhide' during the Fedora 35 development cycle. Changing version to 35.