Your message dated Thu, 19 Apr 2007 15:26:11 +0200
with message-id <20070419132610.GD1015@.intersec.eu>
and subject line Bug#415573: libc6: uninitialised value in manager.c:128
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: libc6: uninitialised value in manager.c:128
- From: Jeroen Massar <jeroen@unfix.org>
- Date: Tue, 20 Mar 2007 13:33:52 +0100
- Message-id: <20070320123352.17353.84808.reportbug@purgatory.unfix.org>
Package: libc6
Version: 2.3.6.ds1-13
Severity: important

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Valgrind has been reporting the following already for a long time:

==16241== Thread 2:
==16241== Conditional jump or move depends on uninitialised value(s)
==16241==    at 0x40270CC: __pthread_manager (manager.c:128)
==16241==    by 0x4151389: clone (clone.S:119)

This might pose an attack vector, as memory on the stack is not cleared
out per default, depending on the compiler that is used, which in general
is gcc which does not do that; which is evident otherwise valgrind would
not complain about it.

The problem seems to be somewhere inside:
8<---------------------------------------------
  /* If we have special thread_self processing, initialize it. */
#ifdef INIT_THREAD_SELF
  INIT_THREAD_SELF(self, 1);
#endif
- --------------------------------------------->8

Which, when trying to follow it, is a huge messy code block.
Trying to determine exactly that this problem occurs is difficult because
of this, it would have been very handy if instead of #defining functions
that code was actually in functions and then let the compiler choose to
optimize it out or not. But that is my opinion.

Can somebody, more fluent in glibc, take a look at this?

- -- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i386)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-2-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages libc6 depends on:
ii  tzdata  2007c-1  Time Zone and Daylight Saving Time

libc6 recommends no packages.

- -- no debconf information

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Jeroen Massar / http://unfix.org/~jeroen/

iD8DBQFF/9SwKaooUjM+fCMRArQYAJ9McAvhz6iT8UWiedv85HJkfL/fqQCffmme
6ya9sqgMApd9C+VvhnzluA8=
=MMRc
-----END PGP SIGNATURE-----
--- End Message ---
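
The Memcheck report quoted in the message above, parsed for triage, as an added example that is not part of the original thread or of Valgrind itself: it extracts the thread, error kind and call stack, then counts reports by innermost frame so that repeated findings inside library code can be separated from findings in application code. The names `parse_memcheck` and `triage` are hypothetical.

```python
import re
from collections import Counter

# Memcheck lines quoted in the report above; "==16241==" is the PID prefix.
SAMPLE = """\
==16241== Thread 2:
==16241== Conditional jump or move depends on uninitialised value(s)
==16241==    at 0x40270CC: __pthread_manager (manager.c:128)
==16241==    by 0x4151389: clone (clone.S:119)
"""

PREFIX = re.compile(r"^==(\d+)== ?(.*)$")
FRAME = re.compile(r"^\s+(?:at|by) 0x[0-9A-Fa-f]+: (.+) \((.+)\)$")
THREAD = re.compile(r"^Thread (\d+):$")


def parse_memcheck(text):
    """Parse Memcheck text into errors with their call stacks."""
    errors, thread, cur, collecting = [], None, None, False
    for raw in text.splitlines():
        m = PREFIX.match(raw)
        if not m:
            continue                      # the program's own output
        pid, body = int(m.group(1)), m.group(2).rstrip()
        frame, th = FRAME.match(body), THREAD.match(body)
        if th:
            thread, cur = int(th.group(1)), None
        elif frame and cur is not None and collecting:
            src, _, line = frame.group(2).rpartition(":")
            if not line.isdigit():        # "(in /lib/libc.so.6)": no line info
                src, line = frame.group(2), None
            cur["frames"].append((frame.group(1), src, int(line) if line else None))
        elif body[:1].isspace() or not body:
            collecting = False            # origin/detail lines or end of block
        else:                             # unindented text starts a new error
            cur = {"pid": pid, "thread": thread, "kind": body, "frames": []}
            errors.append(cur)
            collecting = True
    return [e for e in errors if e["frames"]]   # drops banner/summary lines


def triage(errors):
    """Count errors by (kind, function, file, line) of the innermost frame."""
    return Counter((e["kind"],) + e["frames"][0] for e in errors)
```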
--- Begin Message ---
- To: Jeroen Massar <jeroen@unfix.org>
- Cc: 415573-done@bugs.debian.org
- Subject: Re: Bug#415573: libc6: uninitialised value in manager.c:128
- From: Pierre HABOUZIT <madcoder@debian.org>
- Date: Thu, 19 Apr 2007 15:26:11 +0200
- Message-id: <20070419132610.GD1015@.intersec.eu>
- In-reply-to: <46276480.9050900@spaghetti.zurich.ibm.com>
- References: <20070320123352.17353.84808.reportbug@purgatory.unfix.org> <20070414233112.GA24572@artemis> <46276480.9050900@spaghetti.zurich.ibm.com>
Version: 2.5

On Thu, Apr 19, 2007 at 01:45:52PM +0100, Jeroen Massar wrote:
> Pierre HABOUZIT wrote:
> [..]
> > Does it still apply to glibc2.5 currently in unstable ?
>
> It seems to be fine for glibc2.5, thanks for the fixup.

thanks.

--
·O· Pierre Habouzit
··O madcoder@debian.org
OOO http://www.madism.org

Attachment: pgpL038czqyyA.pgp
Description: PGP signature
--- End Message ---