Description of problem:
Error in poc, please refer to the result section for details.

Version-Release number of selected component (if applicable):
gettext-0.19.8.1-18.fc30.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Clone https://github.com/CCCCCrash/POCs.git.
2. Run valgrind msgfmt poc command.
3. Observe the output.

Actual results:
[poyadav@localhost doublefree]$ valgrind msgfmt poc
==8072== Memcheck, a memory error detector
==8072== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==8072== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
==8072== Command: msgfmt poc
==8072==
==8072== Conditional jump or move depends on uninitialised value(s)
==8072==    at 0x48D9940: freea (in /usr/lib64/libgettextlib-0.19.8.1.so)
==8072==    by 0x487E8EA: po_lex_charset_set (in /usr/lib64/libgettextsrc-0.19.8.1.so)
==8072==    by 0x487E098: po_gram_parse (in /usr/lib64/libgettextsrc-0.19.8.1.so)
==8072==    by 0x487EB9A: ??? (in /usr/lib64/libgettextsrc-0.19.8.1.so)
==8072==    by 0x487A773: catalog_reader_parse (in /usr/lib64/libgettextsrc-0.19.8.1.so)
==8072==    by 0x10E7C7: ??? (in /usr/bin/msgfmt)
==8072==    by 0x10D8EB: ??? (in /usr/bin/msgfmt)
==8072==    by 0x4AABF32: (below main) (in /usr/lib64/libc-2.29.so)
==8072==
poc:17: duplicate message definition...
poc:16: ...this is the location of the first definition
poc:18:3: syntax error
poc:18: keyword "n" unknown
poc:19: end-of-line within string
poc:28: duplicate message definition...
poc:24: ...this is the location of the first definition
poc:35: keyword "msgud_plural" unknown
poc:34: missing 'msgstr' section
poc:35:13: syntax error
poc:40: end-of-line within string
poc:46: end-of-line within string
poc: warning: Charset missing in header.
              Message conversion to user's charset will not work.
poc:42: duplicate message definition...
poc:6: ...this is the location of the first definition
poc:46:2: syntax error
poc:46: keyword "Ep" unknown
poc:47: keyword "C" unknown
poc:48: keyword "s" unknown
poc:49: keyword "bo" unknown
poc:50: keyword "S" unknown
poc:50:236: invalid control sequence
poc:50:397: invalid control sequence
poc:51: end-of-line within string
msgfmt: too many errors, aborting
==8072==
==8072== HEAP SUMMARY:
==8072==     in use at exit: 59,783 bytes in 123 blocks
==8072==   total heap usage: 547 allocs, 424 frees, 99,479 bytes allocated
==8072==
==8072== LEAK SUMMARY:
==8072==    definitely lost: 650 bytes in 82 blocks
==8072==    indirectly lost: 0 bytes in 0 blocks
==8072==      possibly lost: 0 bytes in 0 blocks
==8072==    still reachable: 59,133 bytes in 41 blocks
==8072==         suppressed: 0 bytes in 0 blocks
==8072== Rerun with --leak-check=full to see details of leaked memory
==8072==
==8072== Use --track-origins=yes to see where uninitialised values come from
==8072== For lists of detected and suppressed errors, rerun with: -s
==8072== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

Expected results:
No errors.

Additional info:

with gettext-0.20.1-3.fc31.x86_64

[suanand@localhost doublefree]$ valgrind msgfmt poc
==16488== Memcheck, a memory error detector
==16488== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==16488== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
==16488== Command: msgfmt poc
==16488==
poc:17: duplicate message definition...
poc:16: ...this is the location of the first definition
poc:18:3: syntax error
poc:18: keyword "n" unknown
poc:19: end-of-line within string
poc:28: duplicate message definition...
poc:24: ...this is the location of the first definition
poc:35: keyword "msgud_plural" unknown
poc:34: missing 'msgstr' section
poc:35:13: syntax error
poc:40: end-of-line within string
poc:46: end-of-line within string
poc: warning: Charset missing in header.
              Message conversion to user's charset will not work.
poc:42: duplicate message definition...
poc:6: ...this is the location of the first definition
poc:46:2: syntax error
poc:46: keyword "Ep" unknown
poc:47: keyword "C" unknown
poc:48: keyword "s" unknown
poc:49: keyword "bo" unknown
poc:50: keyword "S" unknown
poc:50:236: invalid control sequence
poc:50:397: invalid control sequence
poc:51: end-of-line within string
msgfmt: too many errors, aborting
==16488==
==16488== HEAP SUMMARY:
==16488==     in use at exit: 59,727 bytes in 123 blocks
==16488==   total heap usage: 547 allocs, 424 frees, 99,367 bytes allocated
==16488==
==16488== LEAK SUMMARY:
==16488==    definitely lost: 650 bytes in 82 blocks
==16488==    indirectly lost: 0 bytes in 0 blocks
==16488==      possibly lost: 0 bytes in 0 blocks
==16488==    still reachable: 59,077 bytes in 41 blocks
==16488==         suppressed: 0 bytes in 0 blocks
==16488== Rerun with --leak-check=full to see details of leaked memory
==16488==
==16488== For lists of detected and suppressed errors, rerun with: -s
==16488== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)

Though we have msgfmt reporting errors and some memory leaks as well; valgrind says 0 errors for memory error!

(In reply to Sundeep Anand from comment #1)
> with gettext-0.20.1-3.fc31.x86_64
>
> [suanand@localhost doublefree]$ valgrind msgfmt poc
> ==16488== Memcheck, a memory error detector
> ==16488== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
> ==16488== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
> ==16488== Command: msgfmt poc
> ==16488==
> poc:17: duplicate message definition...
> poc:16: ...this is the location of the first definition
> poc:18:3: syntax error
> poc:18: keyword "n" unknown
> poc:19: end-of-line within string
> poc:28: duplicate message definition...
> poc:24: ...this is the location of the first definition
> poc:35: keyword "msgud_plural" unknown
> poc:34: missing 'msgstr' section
> poc:35:13: syntax error
> poc:40: end-of-line within string
> poc:46: end-of-line within string
> poc: warning: Charset missing in header.
>               Message conversion to user's charset will not work.
> poc:42: duplicate message definition...
> poc:6: ...this is the location of the first definition
> poc:46:2: syntax error
> poc:46: keyword "Ep" unknown
> poc:47: keyword "C" unknown
> poc:48: keyword "s" unknown
> poc:49: keyword "bo" unknown
> poc:50: keyword "S" unknown
> poc:50:236: invalid control sequence
> poc:50:397: invalid control sequence
> poc:51: end-of-line within string
> msgfmt: too many errors, aborting
> ==16488==
> ==16488== HEAP SUMMARY:
> ==16488==     in use at exit: 59,727 bytes in 123 blocks
> ==16488==   total heap usage: 547 allocs, 424 frees, 99,367 bytes allocated
> ==16488==
> ==16488== LEAK SUMMARY:
> ==16488==    definitely lost: 650 bytes in 82 blocks
> ==16488==    indirectly lost: 0 bytes in 0 blocks
> ==16488==      possibly lost: 0 bytes in 0 blocks
> ==16488==    still reachable: 59,077 bytes in 41 blocks
> ==16488==         suppressed: 0 bytes in 0 blocks
> ==16488== Rerun with --leak-check=full to see details of leaked memory
> ==16488==
> ==16488== For lists of detected and suppressed errors, rerun with: -s
> ==16488== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
>
> Though we have msgfmt reporting errors and some memory leaks as well;
> valgrind says 0 errors for memory error!

Yes, correct with gettext-0.20.1-4.fc32.x86_64 also, valgrind says
ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)

This message is a reminder that Fedora 32 is nearing its end of life. Fedora will stop maintaining and issuing updates for Fedora 32 on 2021-05-25. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '32'.

Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 32 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged to change the 'version' to a later Fedora version prior to this bug being closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete.

This bug appears to have been reported against 'rawhide' during the Fedora 35 development cycle. Changing version to 35.
So could this be closed then??
This message is a reminder that Fedora Linux 35 is nearing its end of life. Fedora will stop maintaining and issuing updates for Fedora Linux 35 on 2022-12-13. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a 'version' of '35'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, change the 'version' to a later Fedora Linux version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora Linux 35 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora Linux, you are encouraged to change the 'version' to a later version prior to this bug being closed.
[suanand@fedora doublefree]$ gettext --version
gettext (GNU gettext-runtime) 0.21
Copyright (C) 1995-2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Written by Ulrich Drepper.

[suanand@fedora doublefree]$ valgrind msgfmt poc
==26634== Memcheck, a memory error detector
==26634== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==26634== Using Valgrind-3.19.0 and LibVEX; rerun with -h for copyright info
==26634== Command: msgfmt poc
==26634==
poc:17: duplicate message definition...
poc:16: ...this is the location of the first definition
poc:18:3: syntax error
poc:18: keyword "n" unknown
poc:19: end-of-line within string
poc:28: duplicate message definition...
poc:24: ...this is the location of the first definition
poc:35: keyword "msgud_plural" unknown
poc:34: missing 'msgstr' section
poc:35:13: syntax error
poc:40: end-of-line within string
poc:46: end-of-line within string
poc: warning: Charset missing in header.
              Message conversion to user's charset will not work.
poc:42: duplicate message definition...
poc:6: ...this is the location of the first definition
poc:46:2: syntax error
poc:46: keyword "Ep" unknown
poc:47: keyword "C" unknown
poc:48: keyword "s" unknown
poc:49: keyword "bo" unknown
poc:50: keyword "S" unknown
poc:50:236: invalid control sequence
poc:50:397: invalid control sequence
poc:51: end-of-line within string
msgfmt: too many errors, aborting
==26634==
==26634== HEAP SUMMARY:
==26634==     in use at exit: 41,139 bytes in 117 blocks
==26634==   total heap usage: 578 allocs, 461 frees, 84,922 bytes allocated
==26634==
==26634== LEAK SUMMARY:
==26634==    definitely lost: 650 bytes in 82 blocks
==26634==    indirectly lost: 0 bytes in 0 blocks
==26634==      possibly lost: 0 bytes in 0 blocks
==26634==    still reachable: 40,489 bytes in 35 blocks
==26634==         suppressed: 0 bytes in 0 blocks
==26634== Rerun with --leak-check=full to see details of leaked memory
==26634==
==26634== For lists of detected and suppressed errors, rerun with: -s
==26634== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)

This looks better with latest gettext.
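
The comparison made across gettext versions in this thread, as an added example that is not part of the bug report: Memcheck's ERROR SUMMARY counts memory errors such as the uninitialised-value use under freea, the bytes under LEAK SUMMARY are not counted there unless Valgrind is run with --leak-check=full, and the poc:NN lines are msgfmt's own parser diagnostics. The names triage and verdict are hypothetical, and the two sample logs are abridged from the runs quoted above.

```python
import re

# Lines copied (abridged) from the Memcheck runs quoted in this report.
LOG_0_19_8_1 = """\
==8072== Conditional jump or move depends on uninitialised value(s)
==8072==    at 0x48D9940: freea (in /usr/lib64/libgettextlib-0.19.8.1.so)
==8072==    by 0x487E8EA: po_lex_charset_set (in /usr/lib64/libgettextsrc-0.19.8.1.so)
poc:18:3: syntax error
msgfmt: too many errors, aborting
==8072==    definitely lost: 650 bytes in 82 blocks
==8072== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
"""
LOG_0_21 = """\
poc:18:3: syntax error
msgfmt: too many errors, aborting
==26634==    definitely lost: 650 bytes in 82 blocks
==26634== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
"""

TAGGED = re.compile(r"^==\d+==(.*)$")  # lines written by Valgrind itself
FRAME = re.compile(r"^\s+(at|by) 0x[0-9A-Fa-f]+: (\S+)")
LOST = re.compile(r"^\s*definitely lost: ([\d,]+) bytes")
SUMMARY = re.compile(r"^\s*ERROR SUMMARY: (\d+) errors from (\d+) contexts")

def triage(log):
    """Split a Memcheck log into memory errors, leaked bytes and tool diagnostics."""
    out = {"errors": 0, "contexts": 0, "lost": 0, "findings": [], "diagnostics": 0}
    heading = ""
    for line in log.splitlines():
        tagged = TAGGED.match(line)
        if not tagged:  # msgfmt parser messages, not memory errors
            out["diagnostics"] += bool(line.strip())
            continue
        body = tagged.group(1)
        if (m := FRAME.match(body)):
            if m.group(1) == "at":  # an "at" frame opens a new stack trace
                out["findings"].append({"kind": heading, "stack": []})
            if out["findings"]:
                out["findings"][-1]["stack"].append(m.group(2))
        elif (m := LOST.match(body)):
            out["lost"] = int(m.group(1).replace(",", ""))
        elif (m := SUMMARY.match(body)):
            out["errors"], out["contexts"] = int(m.group(1)), int(m.group(2))
        elif body.strip():
            heading = body.strip()  # candidate title for the next trace
    return out

def verdict(log):
    """memory-error if Memcheck counted errors, leak-only if bytes were lost, else clean."""
    t = triage(log)
    return "memory-error" if t["errors"] else "leak-only" if t["lost"] else "clean"
```

On these samples the 0.19.8.1 run is classified as memory-error and the 0.21 run as leak-only rather than clean, since the 650 definitely lost bytes are still present.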