[Bug 249676] New: perl-5.8.8 : Invalid read of size 2
https://bugzilla.novell.com/show_bug.cgi?id=249676

           Summary: perl-5.8.8 : Invalid read of size 2
           Product: openSUSE 10.3
           Version: Alpha 1
          Platform: x86-64
        OS/Version: SuSE Other
            Status: NEW
          Severity: Normal
          Priority: P5 - None
         Component: Other
        AssignedTo: bnc-team-screening@forge.provo.novell.com
        ReportedBy: dcb314@hotmail.com
         QAContact: qa@suse.de

I just tried to build package arts-1.5.6-5 with valgrind on Suse Linux 10.3 Alpha 1.

I used command line

    valgrind -q --trace-children=yes rpmbuild -bc acct.spec

The output contains

    + make -f admin/Makefile.common cvs
    ==8004== Invalid read of size 2
    ==8004==    at 0x570725D: getenv (in /lib64/libc-2.5.so)
    ==8004==    by 0x42584D: (within /usr/bin/perl)
    ==8004==    by 0x42897C: perl_parse (in /usr/bin/perl)
    ==8004==    by 0x420E03: main (in /usr/bin/perl)
    ==8004==  Address 0x4097968 is 0 bytes inside a block of size 1 alloc'd
    ==8004==    at 0x4C22C56: malloc (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so)
    ==8004==    by 0x46E07D: Perl_safesysmalloc (in /usr/bin/perl)
    ==8004==    by 0x471D21: Perl_my_setenv (in /usr/bin/perl)
    ==8004==    by 0x428800: perl_parse (in /usr/bin/perl)
    ==8004==    by 0x420E03: main (in /usr/bin/perl)
    ==8004==

So it seems that perl-5.8.8 is at fault. Suggest code rework.

--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

https://bugzilla.novell.com/show_bug.cgi?id=249676

mhorvath@novell.com changed:

           What    |Removed                                   |Added
----------------------------------------------------------------------------
         AssignedTo|bnc-team-screening@forge.provo.novell.com |mls@novell.com

https://bugzilla.novell.com/show_bug.cgi?id=249676

mls@novell.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dmueller@novell.com

------- Comment #1 from mls@novell.com 2007-03-01 07:13 MST -------
Dunno, getenv is a glibc function. Might as well be a false positive from valgrind. I don't see why getenv should read 2 bytes...

CC dirk, our valgrind maintainer...

https://bugzilla.novell.com/show_bug.cgi?id=249676

------- Comment #2 from dmueller@novell.com 2007-03-08 14:44 MST -------
I've shortly looked into it, and I consider the warning valid. getenv() is strangely optimized (well, its glibc code) by reading two chars at once and seeing if they're "=\0".

I've shortly looked into the perl code, but wasn't able to find out where it allocates 1 byte sized chunks for the environment.

https://bugzilla.novell.com/show_bug.cgi?id=249676

------- Comment #3 from mls@novell.com 2007-03-09 04:01 MST -------
It duplicates the environment. Seems to me like the env contained an empty string, which perl copied. So it is really not a perl bug (well, maybe I could add a +1 to the malloc to work around the strange glibc code...).

https://bugzilla.novell.com/show_bug.cgi?id=249676

dmueller@novell.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |pbaudis@novell.com

------- Comment #4 from dmueller@novell.com 2007-03-11 13:11 MST -------
I can not reproduce the report btw. I've tried on x86 and on x86_64.

Anyway, a small testcase however triggers the report:

    #include <stdlib.h>
    #include <assert.h>
    #include <stdio.h>

    int main ( void )
    {
        int r;
        char* p;

        p = malloc(1);
        assert(p);
        p[0] = '=';
        r = putenv(p);
        assert(r == 0);
        p = getenv("XYZZY");
        printf("p = %p\n", p);
        return 0;
    }

I guess glibc should be patched to not putenv() null length environment strings if it can't deal with it during getenv().

https://bugzilla.novell.com/show_bug.cgi?id=249676

------- Comment #5 from pbaudis@novell.com 2007-03-21 08:55 MST -------
The testcase is wrong, the string you are putenv()ing is not nul-terminated. And it is clearly specified that all the environment items are in the format name=value, so nothing shorter than =\0 should ever appear in the environment.

https://bugzilla.novell.com/show_bug.cgi?id=249676

------- Comment #6 from dmueller@novell.com 2007-03-21 09:37 MST -------
yes, the testcase is "wrong", however it triggers the warning, therefore it is "right".

the problem here is that putenv() accepts something that is going to fail later. there is no good reason for putting a value bound to name "" (the empty string) into the environment.

https://bugzilla.novell.com/show_bug.cgi?id=249676

dmueller@novell.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |NEEDINFO
      Info Provider|                            |dcb314@hotmail.com

------- Comment #7 from dmueller@novell.com 2007-03-30 03:52 MST -------
I've added a patch to valgrind to be able to track the source of the undefinedness in the environment. could you please rerun your test (which I cannot reproduce) and see where it comes from?

thanks.

https://bugzilla.novell.com/show_bug.cgi?id=249676

------- Comment #8 from dmueller@novell.com 2007-04-12 04:58 MST -------
ping..

https://bugzilla.novell.com/show_bug.cgi?id=249676

dcb314@hotmail.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEEDINFO                    |NEW
      Info Provider|dcb314@hotmail.com          |

------- Comment #9 from dcb314@hotmail.com 2007-04-12 10:28 MST -------
(In reply to comment #8)
> ping..

Sorry I took so long to reply.

Bad news I am afraid. I am unable to rerun the test. The machine has been assigned to other duties and has been re-installed with other things.

Even worse, further development of Suse Linux is off the menu due to lack of time.

This probably means this bug report goes to can't reproduce or won't fix.

Thanks for your help anyway. It's been an educational experience.

https://bugzilla.novell.com/show_bug.cgi?id=249676

dmueller@novell.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |WORKSFORME

------- Comment #10 from dmueller@novell.com 2007-04-13 02:00 MST -------
ok, the env tracking support has been added to valgrind, and I cannot reproduce the bugreport myself. so closing as worksforme.

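
The rule from comment #5 (every environment entry has the form name=value, so nothing shorter than "=\0" belongs there) applied to the environment duplication described in comment #3, as an added example that is not code from perl, glibc or this bug report. The names classify_env_entry, dup_env_checked and free_env, the policy of dropping malformed entries (including an empty name, per comment #6), and the sample array are assumptions of this example.

```c
#include <stdlib.h>
#include <string.h>

/* Entry classes; the names are this example's own, not glibc's or perl's. */
enum env_kind { ENV_OK, ENV_EMPTY, ENV_NO_EQUALS, ENV_EMPTY_NAME };

enum env_kind classify_env_entry(const char *s)
{
    if (s[0] == '\0') return ENV_EMPTY;       /* "" lives in a 1-byte block */
    const char *eq = strchr(s, '=');
    if (eq == NULL) return ENV_NO_EQUALS;     /* not in name=value form */
    if (eq == s) return ENV_EMPTY_NAME;       /* "=" or "=value" */
    return ENV_OK;
}

void free_env(char **env)
{
    for (size_t i = 0; env && env[i]; i++) free(env[i]);
    free(env);
}

/* Copy envp, keeping only well-formed entries (assumed policy: drop the rest).
   Returns a NULL-terminated array to release with free_env(). */
char **dup_env_checked(char *const envp[], size_t *dropped)
{
    size_t n = 0, k = 0;
    while (envp[n]) n++;
    char **out = calloc(n + 1, sizeof *out);
    if (!out) return NULL;
    *dropped = 0;
    for (size_t i = 0; i < n; i++) {
        if (classify_env_entry(envp[i]) != ENV_OK) { (*dropped)++; continue; }
        size_t len = strlen(envp[i]) + 1;     /* include the terminating NUL */
        if (!(out[k] = malloc(len))) { free_env(out); return NULL; }
        memcpy(out[k++], envp[i], len);
    }
    return out;
}

/* Constructed sample environment: two valid entries, three malformed ones. */
size_t demo_dropped(void)
{
    char *const sample[] = { "PATH=/usr/bin", "", "NOEQUALS", "=", "HOME=/root", NULL };
    size_t dropped = 0;
    free_env(dup_env_checked(sample, &dropped));
    return dropped;
}

int main(void) { return demo_dropped() == 3 ? 0 : 1; }
```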