Your message dated Wed, 28 Nov 2012 12:02:36 +0000
with message-id <e1tdglc-0008ev...@franck.debian.org>
and subject line Bug#694601: fixed in unzip 6.0-8
has caused the Debian Bug report #694601,
regarding unzip uses memcpy with overlapping buffers
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
694601: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694601
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: unzip
Version: 6.0-7
Severity: grave
Tags: upstream
Justification: causes non-serious data loss
Dear Maintainer,
Unzipping an archive gives me CRC errors and corrupt files. Please consider
adding -DNOMEMCPY to the compile line. I was merrily unzipping an
archive when I came across CRC errors for some of the extracted files:
$ unzip ../walk_network_20120628.zip
Archive: ../walk_network_20120628.zip
inflating: walk_network.shx
inflating: walk_network.dbf bad CRC b3242663 (should be 7d1b61e0)
inflating: walk_network.prj
inflating: walk_network.sbn
inflating: walk_network.sbx
inflating: walk_network.shp bad CRC 13443cc8 (should be 0adaa078)
inflating: walk_network.shp.xml
The extracted files are corrupted. I suspected a memory failure
so ran memtester with a large percentage of ram under test. Nothing
showed up and grumpyness ensued.
So I downloaded the source using apt-get source unzip, built
the unzip executable with flags -O0 -g and removed the -s
flag from the link line to not strip the resulting binaries, like so:
$ make -B -f unix/Makefile LF2="" CFLAGS="-O0 -g" unzip
[...]
Running the unzip command above under valgrind and tells me this:
$ valgrind ../unzip-6.0/unzip ../lvm_walk_network_20120628.zip
==19732== Memcheck, a memory error detector
==19732== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==19732== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==19732== Command: ../unzip-6.0/unzip ../walk_network_20120628.zip
==19732==
Archive: ../walk_network_20120628.zip
inflating: walk_network.shx
inflating: walk_network.dbf ==19732== Source and destination overlap in
memcpy(0x70dd44, 0x70dd72, 74)
==19732== at 0x4C2A690: memcpy (mc_replace_strmem.c:838)
==19732== by 0x40D377: inflate_codes (inflate.c:1021)
==19732== by 0x40E151: inflate_dynamic (inflate.c:1373)
==19732== by 0x40E2D0: inflate_block (inflate.c:1421)
==19732== by 0x40E3E7: inflate (inflate.c:1494)
==19732== by 0x408B38: extract_or_test_member (extract.c:1855)
==19732== by 0x408091: extract_or_test_entrylist (extract.c:1576)
==19732== by 0x406060: extract_or_test_files (extract.c:584)
==19732== by 0x4116D8: do_seekable (process.c:987)
==19732== by 0x410719: process_zipfiles (process.c:401)
==19732== by 0x402195: unzip (unzip.c:1253)
==19732== by 0x401B10: main (unzip.c:720)
==19732==
Looking at the source I see it choosing between memcpy() and
a hand-rolled forward copy like this:
#ifndef NOMEMCPY
if ((unsigned)w - d >= e)
/* (this test assumes unsigned comparison) */
{
memcpy(redirSlide + (unsigned)w, redirSlide + d, e);
w += e;
d += e;
}
else /* do it slowly to avoid memcpy() overlap */
#endif /* !NOMEMCPY */
do {
redirSlide[w++] = redirSlide[d++];
} while (--e);
The same style of test occurs in explode.c twice. So I added -DNOMEMCPY to
the compile line, rebuilt, and ran the unzip command again. All files were
intact without any corruption.
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages unzip depends on:
ii libbz2-1.0 1.0.6-4
ii libc6 2.13-35
unzip recommends no packages.
Versions of packages unzip suggests:
pn zip <none>
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: unzip
Source-Version: 6.0-8
We believe that the bug you reported is fixed in the latest version of
unzip, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 694...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Santiago Vila <sanv...@debian.org> (supplier of updated unzip package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 28 Nov 2012 12:41:34 +0100
Source: unzip
Binary: unzip
Architecture: source amd64
Version: 6.0-8
Distribution: unstable
Urgency: low
Maintainer: Santiago Vila <sanv...@debian.org>
Changed-By: Santiago Vila <sanv...@debian.org>
Description:
unzip - De-archiver for .zip files
Closes: 689212 694601
Changes:
unzip (6.0-8) unstable; urgency=low
.
* Made unzip -X to actually restore uid/gid information.
Closes: #689212. Thanks to Axel Scheepers for the report.
* Disabled memcpy, as it is being used on overlapping buffers,
leading to data corruption. Closes: #694601.
Thanks to M Joonas Pihlaja for the report.
Checksums-Sha1:
f6a553de2fa4de07f8fed6e72ee2ecebea9a6836 1319 unzip_6.0-8.dsc
4e3686255f6cc4ba1719fbcc080f991580538042 11051 unzip_6.0-8.debian.tar.gz
56c219d6bbbac6cc0f9b8db63d4c5ce871b6418a 194310 unzip_6.0-8_amd64.deb
Checksums-Sha256:
36a0dcf6939b600e6403776bc4ad3be618093effa24fe2fc1f7f7dc3b7841b40 1319
unzip_6.0-8.dsc
1e0c8bcf612d81aa3b59e76d532204fb1d0d070e2a1c87f15c1ab4017a8278e8 11051
unzip_6.0-8.debian.tar.gz
305952404915c7ecc9185b48987373f681fb7604ec1284118ae9d34ff05f7e28 194310
unzip_6.0-8_amd64.deb
Files:
ba070a7b75b4cf34b206cb82c9d18b6f 1319 utils optional unzip_6.0-8.dsc
af71582c81e60328af63ef28c127eb3d 11051 utils optional unzip_6.0-8.debian.tar.gz
86f654728b3aaf17338af6bd2050d6de 194310 utils optional unzip_6.0-8_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQEcBAEBCAAGBQJQtfjYAAoJEEHOfwufG4sy6aIH/1Q12M6iVHjUMZI0ONmNuZm8
Gsmu762TOHsVzr7oc+/Xc7kq4NFMJWjr8QqWmLDPu3F5G47PrALqawzuI6PezTg7
Bw4UigSxhGnEEYef7e/NRMYiQXzIjvE/VmgfQczbpGKWaKiQC6jguPESwUY9HZdP
xgr10HaurmG6U3qV2cSiaZJlZMgZOVVqCcncH9X1YQ80WhfzsLQxtCJd2hkjLGWK
uMBr/2Aqjo4PZD9yPgYaQn3EpHvegItj5MyEhWMu6Xr0w/dKpLQ9FGexeveJ5m1L
qm0wpq2kGX/R0nJMnEe+e/zC7gr5fyUgBgDZzIIXns9hCbKjMWOnM3Y9hmm11RQ=
=aEqQ
-----END PGP SIGNATURE-----
--- End Message ---
