[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#818233: Fails to build from source on kfreebsd-amd64



@lists.openwall.comOn Mon, Mar 14, 2016 at 10:24:24PM +0000, Steven Chamberlain wrote:
> user debian-bsd@lists.debian.org
> usertags 818233 + kfreebsd
> thanks
> 
> Hi,
> 
> Moritz Muehlenhoff wrote:
> > gdk-pixbuf on kfreebsd-amd64 is still at version 2.31.5-1 since all
> > later version fail to build. Can someone from the kfreebsd porters
> > look into this? It works on kfreebsd-i386.
> 
> I looked at this before but couldn't really decide how to proceed.
> The test for CVE-2015-4491 is IMHO buggy, although that is subjective.
> 
> Here's a bug where this test was discussed in some detail:
> https://bugzilla.gnome.org/show_bug.cgi?id=754387
> though it was marked as fixed after it now "seems fine for the
> architectures we care about".
> 
> Here's a more recent upstream bug reporting this on Linux, with no
> response:  https://bugzilla.gnome.org/show_bug.cgi?id=758104
> 
> IIRC the test tries to allocate about 16 GiB of heap memory.  On
> kfreebsd-amd64 the allocation understandably fails.  On kfreebsd-i386
> ISTR the test is skipped.  On Linux, usually the allocations are lazy
> unless non-zero values are written into the buffer, and I guess they're
> not, which is why it succeeds.  Except, with MALLOC_PERTURB_ options,
> Dimitri John Ledkov has shown that it still fails in that case:
> https://bugs.launchpad.net/ubuntu/+source/gdk-pixbuf/+bug/1519030
> 
> It's kind of odd, that MALLOC_PERTURB_ is supposed to be *already* set
> when running the testsuite, so I would expect it to already fail on the
> Debian linux-amd64 buildds.
> 
> The large memory allocation is actually necessary to test that the
> original bug (rescaling an image that has large dimensions) is fixed.
> Though it seems to me this is still a DoS issue that can be triggered on
> FreeBSD and perhaps Linux in some situations.
> 
> Maybe I could find a testcase that triggers a crash reliably on Linux,
> and that may attract more interest in fixing this for good.
> 
> I commented that the large memory allocation (and the original
> CVE-2015-4491) might have been avoided by falling back to simpler
> rescale methods when handling very large images:
> https://bugzilla.gnome.org/show_bug.cgi?id=754387#c23

I think the testcase should simply be skipped on kfreebsd-*.

Cheers,
        Moritz





Reply to: