Re: Bug#818233: Fails to build from source on kfreebsd-amd64
@lists.openwall.comOn Mon, Mar 14, 2016 at 10:24:24PM +0000, Steven Chamberlain wrote:
> user firstname.lastname@example.org
> usertags 818233 + kfreebsd
> Moritz Muehlenhoff wrote:
> > gdk-pixbuf on kfreebsd-amd64 is still at version 2.31.5-1 since all
> > later version fail to build. Can someone from the kfreebsd porters
> > look into this? It works on kfreebsd-i386.
> I looked at this before but couldn't really decide how to proceed.
> The test for CVE-2015-4491 is IMHO buggy, although that is subjective.
> Here's a bug where this test was discussed in some detail:
> though it was marked as fixed after it now "seems fine for the
> architectures we care about".
> Here's a more recent upstream bug reporting this on Linux, with no
> response: https://bugzilla.gnome.org/show_bug.cgi?id=758104
> IIRC the test tries to allocate about 16 GiB of heap memory. On
> kfreebsd-amd64 the allocation understandably fails. On kfreebsd-i386
> ISTR the test is skipped. On Linux, usually the allocations are lazy
> unless non-zero values are written into the buffer, and I guess they're
> not, which is why it succeeds. Except, with MALLOC_PERTURB_ options,
> Dimitri John Ledkov has shown that it still fails in that case:
> It's kind of odd, that MALLOC_PERTURB_ is supposed to be *already* set
> when running the testsuite, so I would expect it to already fail on the
> Debian linux-amd64 buildds.
> The large memory allocation is actually necessary to test that the
> original bug (rescaling an image that has large dimensions) is fixed.
> Though it seems to me this is still a DoS issue that can be triggered on
> FreeBSD and perhaps Linux in some situations.
> Maybe I could find a testcase that triggers a crash reliably on Linux,
> and that may attract more interest in fixing this for good.
> I commented that the large memory allocation (and the original
> CVE-2015-4491) might have been avoided by falling back to simpler
> rescale methods when handling very large images:
I think the testcase should simply be skipped on kfreebsd-*.