Description of problem:
Error in poc, please refer to the result section for details.

Version-Release number of selected component (if applicable):
gettext-0.19.8.1-18.fc30.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Clone https://github.com/CCCCCrash/POCs.git.
2. Run valgrind msgfmt poc command.
3. Observe the output.

Actual results:
[poyadav@localhost doublefree]$ valgrind msgfmt poc
==8072== Memcheck, a memory error detector
==8072== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==8072== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
==8072== Command: msgfmt poc
==8072==
==8072== Conditional jump or move depends on uninitialised value(s)
==8072==    at 0x48D9940: freea (in /usr/lib64/libgettextlib-0.19.8.1.so)
==8072==    by 0x487E8EA: po_lex_charset_set (in /usr/lib64/libgettextsrc-0.19.8.1.so)
==8072==    by 0x487E098: po_gram_parse (in /usr/lib64/libgettextsrc-0.19.8.1.so)
==8072==    by 0x487EB9A: ??? (in /usr/lib64/libgettextsrc-0.19.8.1.so)
==8072==    by 0x487A773: catalog_reader_parse (in /usr/lib64/libgettextsrc-0.19.8.1.so)
==8072==    by 0x10E7C7: ??? (in /usr/bin/msgfmt)
==8072==    by 0x10D8EB: ??? (in /usr/bin/msgfmt)
==8072==    by 0x4AABF32: (below main) (in /usr/lib64/libc-2.29.so)
==8072==
poc:17: duplicate message definition...
poc:16: ...this is the location of the first definition
poc:18:3: syntax error
poc:18: keyword "n" unknown
poc:19: end-of-line within string
poc:28: duplicate message definition...
poc:24: ...this is the location of the first definition
poc:35: keyword "msgud_plural" unknown
poc:34: missing 'msgstr' section
poc:35:13: syntax error
poc:40: end-of-line within string
poc:46: end-of-line within string
poc: warning: Charset missing in header.
     Message conversion to user's charset will not work.
poc:42: duplicate message definition...
poc:6: ...this is the location of the first definition
poc:46:2: syntax error
poc:46: keyword "Ep" unknown
poc:47: keyword "C" unknown
poc:48: keyword "s" unknown
poc:49: keyword "bo" unknown
poc:50: keyword "S" unknown
poc:50:236: invalid control sequence
poc:50:397: invalid control sequence
poc:51: end-of-line within string
msgfmt: too many errors, aborting
==8072==
==8072== HEAP SUMMARY:
==8072==     in use at exit: 59,783 bytes in 123 blocks
==8072==   total heap usage: 547 allocs, 424 frees, 99,479 bytes allocated
==8072==
==8072== LEAK SUMMARY:
==8072==    definitely lost: 650 bytes in 82 blocks
==8072==    indirectly lost: 0 bytes in 0 blocks
==8072==      possibly lost: 0 bytes in 0 blocks
==8072==    still reachable: 59,133 bytes in 41 blocks
==8072==         suppressed: 0 bytes in 0 blocks
==8072== Rerun with --leak-check=full to see details of leaked memory
==8072==
==8072== Use --track-origins=yes to see where uninitialised values come from
==8072== For lists of detected and suppressed errors, rerun with: -s
==8072== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

Expected results:
No errors.

Additional info:

with gettext-0.20.1-3.fc31.x86_64

[suanand@localhost doublefree]$ valgrind msgfmt poc
==16488== Memcheck, a memory error detector
==16488== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==16488== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
==16488== Command: msgfmt poc
==16488==
poc:17: duplicate message definition...
poc:16: ...this is the location of the first definition
poc:18:3: syntax error
poc:18: keyword "n" unknown
poc:19: end-of-line within string
poc:28: duplicate message definition...
poc:24: ...this is the location of the first definition
poc:35: keyword "msgud_plural" unknown
poc:34: missing 'msgstr' section
poc:35:13: syntax error
poc:40: end-of-line within string
poc:46: end-of-line within string
poc: warning: Charset missing in header.
     Message conversion to user's charset will not work.
poc:42: duplicate message definition...
poc:6: ...this is the location of the first definition
poc:46:2: syntax error
poc:46: keyword "Ep" unknown
poc:47: keyword "C" unknown
poc:48: keyword "s" unknown
poc:49: keyword "bo" unknown
poc:50: keyword "S" unknown
poc:50:236: invalid control sequence
poc:50:397: invalid control sequence
poc:51: end-of-line within string
msgfmt: too many errors, aborting
==16488==
==16488== HEAP SUMMARY:
==16488==     in use at exit: 59,727 bytes in 123 blocks
==16488==   total heap usage: 547 allocs, 424 frees, 99,367 bytes allocated
==16488==
==16488== LEAK SUMMARY:
==16488==    definitely lost: 650 bytes in 82 blocks
==16488==    indirectly lost: 0 bytes in 0 blocks
==16488==      possibly lost: 0 bytes in 0 blocks
==16488==    still reachable: 59,077 bytes in 41 blocks
==16488==         suppressed: 0 bytes in 0 blocks
==16488== Rerun with --leak-check=full to see details of leaked memory
==16488==
==16488== For lists of detected and suppressed errors, rerun with: -s
==16488== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)

Though we have msgfmt reporting errors and some memory leaks as well; valgrind says 0 errors for memory error!

(In reply to Sundeep Anand from comment #1)
> with gettext-0.20.1-3.fc31.x86_64
>
> [suanand@localhost doublefree]$ valgrind msgfmt poc
> ==16488== Memcheck, a memory error detector
> ==16488== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
> ==16488== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
> ==16488== Command: msgfmt poc
> ==16488==
> poc:17: duplicate message definition...
> poc:16: ...this is the location of the first definition
> poc:18:3: syntax error
> poc:18: keyword "n" unknown
> poc:19: end-of-line within string
> poc:28: duplicate message definition...
> poc:24: ...this is the location of the first definition
> poc:35: keyword "msgud_plural" unknown
> poc:34: missing 'msgstr' section
> poc:35:13: syntax error
> poc:40: end-of-line within string
> poc:46: end-of-line within string
> poc: warning: Charset missing in header.
> Message conversion to user's charset will not work.
> poc:42: duplicate message definition...
> poc:6: ...this is the location of the first definition
> poc:46:2: syntax error
> poc:46: keyword "Ep" unknown
> poc:47: keyword "C" unknown
> poc:48: keyword "s" unknown
> poc:49: keyword "bo" unknown
> poc:50: keyword "S" unknown
> poc:50:236: invalid control sequence
> poc:50:397: invalid control sequence
> poc:51: end-of-line within string
> msgfmt: too many errors, aborting
> ==16488==
> ==16488== HEAP SUMMARY:
> ==16488== in use at exit: 59,727 bytes in 123 blocks
> ==16488== total heap usage: 547 allocs, 424 frees, 99,367 bytes allocated
> ==16488==
> ==16488== LEAK SUMMARY:
> ==16488== definitely lost: 650 bytes in 82 blocks
> ==16488== indirectly lost: 0 bytes in 0 blocks
> ==16488== possibly lost: 0 bytes in 0 blocks
> ==16488== still reachable: 59,077 bytes in 41 blocks
> ==16488== suppressed: 0 bytes in 0 blocks
> ==16488== Rerun with --leak-check=full to see details of leaked memory
> ==16488==
> ==16488== For lists of detected and suppressed errors, rerun with: -s
> ==16488== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
>
> Though we have msgfmt reporting errors and some memory leaks as well;
> valgrind says 0 errors for memory error!

Yes, correct with gettext-0.20.1-4.fc32.x86_64 also, valgrind says
ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)