Bug#1042373: libc6: The BUG is related to #1042020 (`reallocarray()` on amd64)
Package: libc6
Version: 2.37-6
Severity: important
The reason for the crash in `mmv` (Issue #104020) is a malfunction of
`reallocarray()`. I tested it. Even with completely harmless parameters,
a valid pointer and two relatively small `size_t` values (88, 8 or
something like that), `reallocarray()` breaks `mmv` with an `invalid
pointer` abort. In the same situation, a normal `realloc()` with the
product of the two `size_t` values and the same pointer works fine.
I tested it with the source package of `mmv` (by creating a version
which uses `realloc()` instead of `reallocarray()`).
-- System Information:
Debian Release: trixie/sid
APT prefers testing
APT policy: (900, 'testing'), (800, 'unstable')
merged-usr: no
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.4.0-1-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled
Versions of packages libc6 depends on:
ii libgcc-s1 13.1.0-9
Versions of packages libc6 recommends:
ii libidn2-0 2.3.4-1
Versions of packages libc6 suggests:
ii cdebconf [debconf-2.0] 0.270
ii debconf [debconf-2.0] 1.5.82
ii glibc-doc 2.37-6
ii libc-l10n 2.37-6
ii libnss-nis 3.1-4
ii libnss-nisplus 1.3-4
ii locales 2.37-6
-- debconf information excluded
Reply to: