
Bug#415573: marked as done (libc6: uninitialised value in manager.c:128)

Your message dated Thu, 19 Apr 2007 15:26:11 +0200
with message-id <20070419132610.GD1015@.intersec.eu>
and subject line Bug#415573: libc6: uninitialised value in manager.c:128
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: libc6
Version: 2.3.6.ds1-13
Severity: important

Valgrind has been reporting the following already for a long time:

==16241== Thread 2:
==16241== Conditional jump or move depends on uninitialised value(s)
==16241==    at 0x40270CC: __pthread_manager (manager.c:128)
==16241==    by 0x4151389: clone (clone.S:119)

This might pose an attack vector, as memory on the stack is not cleared
out by default, depending on the compiler that is used, which in
general is gcc, which does not do that; which is evident, as otherwise
valgrind would not complain about it.

The problem seems to be somewhere inside:
  /* If we have special thread_self processing, initialize it.  */
  INIT_THREAD_SELF(self, 1);
--------------------------------------------->8
Which, when trying to follow it, is a huge messy code block.
Trying to determine exactly where this problem occurs is difficult
because of this; it would have been very handy if, instead of #defining
functions, that code was actually in functions, and then let the compiler
choose to optimize it out or not. But that is my opinion.

Can somebody, more fluent in glibc, take a look at this?

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i386)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-2-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages libc6 depends on:
ii  tzdata                        2007c-1    Time Zone and Daylight Saving Time

libc6 recommends no packages.

-- no debconf information

Comment: Jeroen Massar / http://unfix.org/~jeroen/


--- End Message ---
--- Begin Message ---
Version: 2.5

On Thu, Apr 19, 2007 at 01:45:52PM +0100, Jeroen Massar wrote:
> Pierre HABOUZIT wrote:
> [..]
> >   Does it still apply to glibc2.5 currently in unstable?
> It seems to be fine for glibc2.5, thanks for the fixup.


·O·  Pierre Habouzit
··O                                                madcoder@debian.org
OOO                                                http://www.madism.org


--- End Message ---