Bug 745739 - memrchr segfaults against zero-sized memory region
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: glibc
Version: rawhide
Assignee: Andreas Schwab
QA Contact: Fedora Extras Quality Assurance
Reported: 2011-10-13 09:23 UTC by Richard W.M. Jones
Modified: 2016-11-24 16:08 UTC (History)

Fixed In Version: glibc-2.14.90-12.999
Doc Type: Bug Fix
Last Closed: 2011-10-19 04:34:00 UTC


Attachments
test-memrchr.c (4.13 KB, text/plain)
2011-10-13 09:23 UTC, Richard W.M. Jones

Description Richard W.M. Jones 2011-10-13 09:23:53 UTC
Created attachment 527914
test-memrchr.c

Description of problem:

memrchr segfaults, see the attached program for a simple
reproducer.

Version-Release number of selected component (if applicable):

glibc-2.14.90-11.x86_64

How reproducible:

100%

Steps to Reproduce:
1. gcc test-memrchr.c -o test-memrchr
2. ./test-memrchr
  
Actual results:

Segfault.

Comment 1 Richard W.M. Jones 2011-10-13 09:27:13 UTC
Stack trace:

Program received signal SIGSEGV, Segmentation fault.
memrchr () at ../sysdeps/x86_64/memrchr.S:286
286		pcmpeqb	(%rdi), %xmm1
(gdb) bt
#0  memrchr () at ../sysdeps/x86_64/memrchr.S:286
#1  0x0000000000400889 in main () at test-memrchr.c:46
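
A regression check for the behaviour reported above, as an added example that is not part of the original bug report and is not the attached test-memrchr.c. It calls memrchr with a length of zero on a pointer that sits at the start of an inaccessible page, so any read of the region faults; the guard-page setup and the names guard_boundary and check_memrchr_zero_size are assumptions of this example.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* memrchr is a GNU extension */
#endif
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Explicit prototype: keeps the block building if <string.h> was included earlier without _GNU_SOURCE. */
void *memrchr(const void *s, int c, size_t n);

/* Constructed test memory: one readable page followed by a PROT_NONE page; returns the boundary. */
static char *guard_boundary(void)
{
    long ps = sysconf(_SC_PAGESIZE);
    char *m = mmap(NULL, 2 * ps, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (m == MAP_FAILED || mprotect(m + ps, ps, PROT_NONE) != 0)
        return NULL;
    memset(m, 'a', ps);
    return m + ps;
}

/* Runs the checks in a child process so a fault is reported instead of killing the caller.
   Returns 0 = pass, 1 = wrong result, 2 = child killed by a signal, 3 = setup error. */
int check_memrchr_zero_size(void)
{
    pid_t pid = fork();
    if (pid < 0)
        return 3;
    if (pid == 0) {
        char *end = guard_boundary();
        if (end == NULL)
            _exit(3);
        /* n == 0: no byte may be read and the result must be NULL. */
        if (memrchr(end, 'a', 0) != NULL)
            _exit(1);
        /* Sanity check: the last 4 readable bytes before the guard page are still searchable. */
        end[-2] = 'z';
        _exit(memrchr(end - 4, 'z', 4) == end - 2 ? 0 : 1);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return 3;
    return WIFSIGNALED(status) ? 2 : WEXITSTATUS(status);
}

int main(void) { return check_memrchr_zero_size(); }
```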

Comment 2 Richard W.M. Jones 2011-10-14 12:10:08 UTC
Fixed (silently) upstream:

http://repo.or.cz/w/glibc.git/commit/81dcc7fb74a766f970800b9975e85b5fe7f6ea38

Comment 3 Richard W.M. Jones 2011-10-14 13:13:12 UTC
I backported this patch and put it into glibc f16:

http://pkgs.fedoraproject.org/gitweb/?p=glibc.git;a=commitdiff;h=cf6224207fd36b9c908f7af1df1b23512b682d32
http://koji.fedoraproject.org/koji/taskinfo?taskID=3430873

The patch can be removed when f16 is next updated.

Comment 4 Andreas Schwab 2011-10-14 13:29:13 UTC
WTF?

Comment 5 Jim Meyering 2011-10-14 13:35:02 UTC
Thanks for the quick fix, Rich.
That bug was causing every gnulib-using package I maintain to fail the memrchr test.

Comment 6 Richard W.M. Jones 2011-10-14 13:37:29 UTC
(In reply to comment #4)
> WTF?

It's so we can proceed building packages that use gnulib
and run the tests.

Comment 7 Andreas Schwab 2011-10-14 13:45:13 UTC
So you used the worst possible way, without consulting the package maintainer.  WTF?

Comment 8 Richard W.M. Jones 2011-10-14 13:52:08 UTC
(In reply to comment #7)
> So you used the worst possible way, without consulting the package maintainer. 
> WTF?

Could you please raise the specific problem with the
patch as I did it, rather than just using general insults.

Comment 9 Fedora Update System 2011-10-14 13:53:38 UTC
glibc-2.14.90-12 has been submitted as an update for Fedora 16.
https://admin.fedoraproject.org/updates/glibc-2.14.90-12

Comment 10 Andreas Schwab 2011-10-14 14:09:42 UTC
I'm just stating the facts.

Comment 11 Fedora Update System 2011-10-15 14:29:43 UTC
Package glibc-2.14.90-12:
* should fix your issue,
* was pushed to the Fedora 16 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing glibc-2.14.90-12'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2011-14337
then log in and leave karma (feedback).

Comment 12 Fedora Update System 2011-10-17 13:32:58 UTC
glibc-2.14.90-12.999 has been submitted as an update for Fedora 16.
https://admin.fedoraproject.org/updates/glibc-2.14.90-12.999

Comment 13 Fedora Update System 2011-10-19 04:34:00 UTC
glibc-2.14.90-12.999 has been pushed to the Fedora 16 stable repository.  If problems still persist, please make note of it in this bug report.

