
Re: Help with imagemagick tests / build



On Mon, Jul 04, 2022 at 02:23:37PM +0200, Andreas Rönnquist wrote:
> On Sun, 3 Jul 2022 17:59:53 -0400
> Roberto C. Sánchez <roberto@debian.org> wrote:
> 
> >On Sat, Jul 02, 2022 at 01:30:26AM +0200, Andreas Rönnquist wrote:
> >> Hello -
> >> 
> >> I have updated the imagemagick package in LTS, with fixes for some
> >> CVEs, but then it doesn't build properly on the buildd - some tests
> >> fail on the XBM format -
> >> 
> >> The frustrating thing is that it builds just fine locally, both on
> >> amd64 and on i386, but on the buildd it has built finally on amd64 (on
> >> the third try, but on i386 it has done 5 without succeeding). [1]
> >> 
> >> And I do not believe it is my changes that do it - it has failed
> >> similarly on earlier versions, but there it hasn't required as many
> >> rebuilds to succeed, so I don't believe that my changes are the cause -
> >> the test failures on the version before the one I uploaded are identical.
> >> 
> >> I ask here for help now, after asking on the imagemagick mailing list
> >> [2] without a reply for some time - so I am getting out of options -
> >> 
> >> Help would be very much appreciated.
> >>   
> >Hi Andreas,
> >
> >I have looked at your patches for ImageMagick 8:6.9.7.4+dfsg-11+deb9u14
> >and it appears that the patch for CVE-2021-3596 may have an error in the
> >way it was backported.
> >
> >After the commit in question (27f314e2e6), the upstream code has this
> >structure starting at line 3605:
> >
> >if (n > 0)
> >  {
> >    ...
> >  }
> >if (svg_info->parser == (xmlParserCtxtPtr) NULL)
> >  {
> >    ...
> >  }
> >
> >However, your patch puts the second if statement within the scope of the
> >first, like this:
> >
> >if (n > 0)
> >  {
> >    ...
> >    if (svg_info->parser == (xmlParserCtxtPtr) NULL)
> >      {
> >         ...
> >      }
> >  }
> >
> >I suspect that may have something to do with the test failures you are
> >observing.  It may be necessary to correct the patch and upload again.
> >
> 
> 
> Oh - you are right - that is indeed a mistake from my side. I will fix
> this and re-upload - however, the version before my upload shows similar
> build errors (even if it managed to build that one on all arches after
> some tries), so I have a slight suspicion that it will fail again, but
> we'll see - Let's hope for the best!
> 
My thought on why it could be related is that there are conditions in
which the backported patch would not free the associated resources.
That seemed like it could be the root cause of the test failure.

> Thank you very much for the help!
> 
Certainly and any time!

Note that stretch-security is closed to new uploads.  So, you will need
to publish any update by targeting stretch in ELTS.

Regards,

-Roberto

-- 
Roberto C. Sánchez
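
The control-flow difference described in the message above, as an added example that is not part of the original message and is not ImageMagick source. All names are hypothetical, and it assumes the elided body of the second `if` is the cleanup path, as the remark about resources not being freed suggests.

```c
#include <stdio.h>

/* Simplified model with hypothetical names; not ImageMagick source. */
enum outcome {
    PARSED,           /* parser exists, normal path continues */
    CLEANED_UP,       /* NULL-parser branch ran and released state */
    NULL_PARSER_TAIL  /* no parser, and the cleanup branch never ran */
};

struct state { int has_parser; int released; };

static enum outcome finish(const struct state *s) {
    if (s->released) return CLEANED_UP;
    return s->has_parser ? PARSED : NULL_PARSER_TAIL;
}

/* Upstream layout quoted in the thread: two sibling if statements. */
static enum outcome read_sequential(long n, int create_ok) {
    struct state s = {0, 0};
    if (n > 0) {
        s.has_parser = create_ok;  /* parser creation may fail */
    }
    if (!s.has_parser) {
        s.released = 1;            /* assumed cleanup in the elided body */
    }
    return finish(&s);
}

/* Backported layout quoted in the thread: second if nested in the first. */
static enum outcome read_nested(long n, int create_ok) {
    struct state s = {0, 0};
    if (n > 0) {
        s.has_parser = create_ok;
        if (!s.has_parser) {
            s.released = 1;
        }
    }
    return finish(&s);
}

int main(void) {
    const long sizes[] = {0, 16};  /* constructed inputs: empty and non-empty read */
    for (int i = 0; i < 2; i++)
        for (int ok = 0; ok <= 1; ok++)
            printf("n=%ld create_ok=%d sequential=%d nested=%d\n", sizes[i], ok,
                   (int)read_sequential(sizes[i], ok),
                   (int)read_nested(sizes[i], ok));
    return 0;
}
```

The two layouts agree whenever `n > 0`; they differ only when nothing was read, where the nested form skips the NULL-parser branch entirely.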

