Bug#1016560: glibc 2.34 breaks scalpel autopkgtest on amd64: bash: line 1: 1961 Segmentation fault

Thu, 11 Aug 2022 06:57:17 -0700 

control: tag -1 +pending

On 2022-08-09 09:31, Aurelien Jarno wrote:
> control: severity 1016560 serious
> 
> On 2022-08-03 00:01, Aurelien Jarno wrote:
> > Source: scalpel
> > Version: 1.60-9
> > Severity: important
> > Tags: upstream patch
> > User: debian-gl...@lists.debian.org
> > Usertags: glibc2.34
> > 
> > Dear maintainer,
> > 
> > The autopkgtest of scalpel fails in sid on amd64 when that autopkgtest is
> > run with the binary packages of glibc from experimental. It passes when
> > run with only packages from sid. In tabular form:
> > 
> >                      pass            fail
> > glibc                from sid        2.34-0experimental5
> > scalpel              from sid        1.60-9
> > all others           from sid        from sid
> > 
> > Here is the relevant part of the test log:
> > 
> > autopkgtest [10:36:40]: test command1: scalpel -c debian/tests/scalpel.conf 
> > debian/tests/lua.img
> > autopkgtest [10:36:40]: test command1: [-----------------------
> > 
> > Opening target 
> > "/tmp/autopkgtest-lxc.93yq46zi/downtmp/build.fXk/src/debian/tests/lua.img"
> > 
> > bash: line 1:  1961 Segmentation fault      bash -ec 'scalpel -c 
> > debian/tests/scalpel.conf debian/tests/lua.img' 2> >(tee -a 
> > /tmp/autopkgtest-lxc.93yq46zi/downtmp/command1-stderr >&2) > >(tee -a 
> > /tmp/autopkgtest-lxc.93yq46zi/downtmp/command1-stdout)
> > 
> > The full test log is available there:
> > https://ci.debian.net/data/autopkgtest/unstable/amd64/s/scalpel/24235565/log.gz
> > 
> > After some debugging, I have found the issue to be a duplicate use of a
> > va_list without using va_copy. Please find attached a patch to fix that.
> > 
> > Regards
> > Aurelien
> 
> > --- scalpel-1.60.orig/helpers.c
> > +++ scalpel-1.60/helpers.c
> > @@ -70,12 +70,14 @@ void setProgramName(char *s) {
> >  // write entry to both the screen and the audit file 
> >  void scalpelLog(struct scalpelState *state, char *format, ...) {
> >  
> > -  va_list argp;
> > +  va_list argp, argp2;
> >  
> >    va_start(argp,format);
> > +  va_copy(argp2, argp);
> >    vfprintf (stderr,format,argp);
> > -  vfprintf (state->auditFile,format,argp);
> >    va_end(argp);
> > +  vfprintf (state->auditFile,format,argp2);
> > +  va_end(argp2);
> >  }
> >  
> >  // determine if two characters match, with optional case 
> 
> glibc 2.34 is now in unstable, upgrading the severity.

I have uploaded a NMU fixing this issue to DELAYED/2. Please find the
corresponding debdiff attached. Also please feel free to ask me to delay
or cancel this NMU.

Regards
Aurelien

-- 
Aurelien Jarno                          GPG: 4096R/1DDD8C9B
aurel...@aurel32.net                 http://www.aurel32.net

diff -Nru scalpel-1.60/debian/changelog scalpel-1.60/debian/changelog
--- scalpel-1.60/debian/changelog       2020-04-21 02:01:23.000000000 +0000
+++ scalpel-1.60/debian/changelog       2022-08-11 13:45:53.000000000 +0000
@@ -1,3 +1,11 @@
+scalpel (1.60-9+nmu1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * debian/patches/60_va_copy.patch: fix the va_list usage in
+    setProgramName(). (Closes: #1016560).
+
+ -- Aurelien Jarno <aure...@debian.org>  Thu, 11 Aug 2022 15:45:53 +0200
+
 scalpel (1.60-9) unstable; urgency=medium
 
   * Team upload.
diff -Nru scalpel-1.60/debian/patches/60_va_copy.patch 
scalpel-1.60/debian/patches/60_va_copy.patch
--- scalpel-1.60/debian/patches/60_va_copy.patch        1970-01-01 
00:00:00.000000000 +0000
+++ scalpel-1.60/debian/patches/60_va_copy.patch        2022-08-11 
13:44:57.000000000 +0000
@@ -0,0 +1,23 @@
+Description: Fix the va_list usage in setProgramName(). (Closes: #1016560).
+Author: Aurelien Jarno <aure...@debian.org>
+Last-Update: 2022-08-11
+
+--- scalpel-1.60.orig/helpers.c
++++ scalpel-1.60/helpers.c
+@@ -70,12 +70,14 @@ void setProgramName(char *s) {
+ // write entry to both the screen and the audit file 
+ void scalpelLog(struct scalpelState *state, char *format, ...) {
+ 
+-  va_list argp;
++  va_list argp, argp2;
+ 
+   va_start(argp,format);
++  va_copy(argp2, argp);
+   vfprintf (stderr,format,argp);
+-  vfprintf (state->auditFile,format,argp);
+   va_end(argp);
++  vfprintf (state->auditFile,format,argp2);
++  va_end(argp2);
+ }
+ 
+ // determine if two characters match, with optional case 
diff -Nru scalpel-1.60/debian/patches/series scalpel-1.60/debian/patches/series
--- scalpel-1.60/debian/patches/series  2020-04-21 01:59:40.000000000 +0000
+++ scalpel-1.60/debian/patches/series  2022-08-11 13:45:53.000000000 +0000
@@ -3,3 +3,4 @@
 30_improve-error-message.patch
 40_fix-spelling.patch
 50_fix-jpg-remove-spaces.patch
+60_va_copy.patch

Reply via email to