Performing verification for Focal.
I will first reproduce the problem with glib2.0 2.64.6-1~ubuntu20.04.3
from -security with the libglib2.0-0 libglib2.0-bin libglib2.0-data
packages.
I deleted all existing schemas from /usr/share/glib-2.0/schemas and
replaced them with a set of schemas which reproduce the problem easily
from my customer.
$ cd /usr/share/glib-2.0/schemas/
$ sudo rm *
$ sudo cp ~/schemas/* .
The gsettings.compiled from the customer has been corrupted, and when I
reboot, gdm fails to start and I get a blank screen with a blinking
insertion pointer.
The sha256 of the customers corrupted gsettings.compiled is:
$ sudo openssl sha256 /usr/share/glib-2.0/schemas/gschemas.compiled
SHA256(/usr/share/glib-2.0/schemas/gschemas.compiled)=
2c98dc9a7fdbac858a8d5ca7e4dd813f16058a46dba2c54b5239cd8cdba5bb3e
When I ssh back in, and recompile the file:
$ sudo glib-compile-schemas /usr/share/glib-2.0/schemas
Error parsing key “logout” in schema
“org.gnome.settings-daemon.plugins.media-keys” as specified in override file
“/usr/share/glib-2.0/schemas/50_vmware_viewagent.gschema.override”: 0-22:can
not parse as value of type 'as'. Ignoring override for this key.
$ sudo openssl sha256 /usr/share/glib-2.0/schemas/gschemas.compiled
SHA256(/usr/share/glib-2.0/schemas/gschemas.compiled)=
78163b5f0000efbd6320ce0d355c9531bf657a4f4dc15f057d95ef144323cd56
The sha256 has changed. Doing a bindiff, I see:
$ sudo cmp -l /home/ubuntu/schemas/gschemas.compiled
/usr/share/glib-2.0/schemas/gschemas.compiled | gawk '{printf "%08X %02X
%02X\n", $1, strtonum(0$2), strtonum(0$3)}'
0000376F E3 4F
00003771 A4 C2
We see two bytes different. These bytes are the uninitialised memory
this bug is about. When I reboot, gdm starts fine, but that is because
this time I got lucky and the parser for the gschema.compiled file
thinks 4F and C2 are okay. But there are combinations which aren't okay,
and will end up with a corrupted gschema.compiled file.
Re-compiling the file again:
$ sudo glib-compile-schemas /usr/share/glib-2.0/schemas
Error parsing key “logout” in schema
“org.gnome.settings-daemon.plugins.media-keys” as specified in override file
“/usr/share/glib-2.0/schemas/50_vmware_viewagent.gschema.override”: 0-22:can
not parse as value of type 'as'. Ignoring override for this key.
$ sudo openssl sha256 /usr/share/glib-2.0/schemas/gschemas.compiled
SHA256(/usr/share/glib-2.0/schemas/gschemas.compiled)=
460c70faca7afc26fa88a0e5918d312478e15f20ad84f4afaa5d17627a823e01
The sha256 changed, and if we bindiff, the bytes have changed:
$ sudo cmp -l /home/ubuntu/schemas/gschemas.compiled
/usr/share/glib-2.0/schemas/gschemas.compiled | gawk '{printf "%08X %02X
%02X\n", $1, strtonum(0$2), strtonum(0$3)}'
0000376F E3 A6
00003771 A4 A1
If we run glib-compile-schemas through valgrind, it reports that we are
writing to uninitialised memory:
https://paste.ubuntu.com/p/sxrQtbswpw/
I then enabled -proposed and installed libglib2.0-0 libglib2.0-bin
libglib2.0-data version 2.64.6-1~ubuntu20.04.4.
Now, when I re-compile the gschemas.compiled file, the sha256 matches
every time, meaning no more non-deterministic behaviour caused by
writing unitialised memory to disk:
$ sudo glib-compile-schemas /usr/share/glib-2.0/schemas
Error parsing key “logout” in schema
“org.gnome.settings-daemon.plugins.media-keys” as specified in override file
“/usr/share/glib-2.0/schemas/50_vmware_viewagent.gschema.override”: 0-22:can
not parse as value of type 'as'. Ignoring override for this key.
$ sudo openssl sha256 /usr/share/glib-2.0/schemas/gschemas.compiled
SHA256(/usr/share/glib-2.0/schemas/gschemas.compiled)=
cd9132d18b596a304251cd1eb50b64aa6fd7511a312906f9a49e1975a319fbf1
$ sudo glib-compile-schemas /usr/share/glib-2.0/schemas
Error parsing key “logout” in schema
“org.gnome.settings-daemon.plugins.media-keys” as specified in override file
“/usr/share/glib-2.0/schemas/50_vmware_viewagent.gschema.override”: 0-22:can
not parse as value of type 'as'. Ignoring override for this key.
$ sudo openssl sha256 /usr/share/glib-2.0/schemas/gschemas.compiled
SHA256(/usr/share/glib-2.0/schemas/gschemas.compiled)=
cd9132d18b596a304251cd1eb50b64aa6fd7511a312906f9a49e1975a319fbf1
Doing a bindiff, I see the changed bytes from before are now all zeros,
which is what the patch initialises the buffer to:
$ sudo cmp -l /home/ubuntu/schemas/gschemas.compiled
/usr/share/glib-2.0/schemas/gschemas.compiled | gawk '{printf "%08X %02X
%02X\n", $1, strtonum(0$2), strtonum(0$3)}'
0000376F E3 00
00003771 A4 00
00003772 55 00
Doing a run through valgrind, we no longer get a report about writing to
uninitialised memory:
https://paste.ubuntu.com/p/z52DGZcdz3/
Rebooting, the VM comes up and GDM starts properly, so glib can parse
the gsettings.compiled file without any issues.
Wonderful. The problem is fixed by the package in -proposed, happy to
mark as verified.
** Tags removed: sts-sponsor verification-needed verification-needed-focal
** Tags added: verification-done verification-done-focal
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1930359
Title:
glib2.0: Uninitialised memory is written to gschema.compiled, failure
to parse this file leads to gdm, gnome-shell failing to start
To manage notifications about this bug go to:
https://bugs.launchpad.net/glib/+bug/1930359/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
