AW: AW: AW: Preparing for libX11 1.7.0
Walter Harms
wharms at bfs.de
Fri Nov 20 08:23:40 UTC 2020
Nobody expects this to become bug free. The point was to raise awareness that the
same class (heap-use-after-free) is still reported.
________________________________________
From: Alan Coopersmith <alan.coopersmith at oracle.com>
Sent: Thursday, 19 November 2020 18:07
To: Walter Harms; Keith Packard; Matthieu Herrb; xorg-devel at lists.freedesktop.org
Cc: Vittorio Zecca
Subject: Re: AW: AW: Preparing for libX11 1.7.0
The original issue should be fixed by Keith's commit yesterday:
https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/a3c0b5dbd6b
I also put in a commit yesterday to prevent some potential use-after-free
issues found by our static analyzer:
https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/103e2e11519
If we wait until libX11 is completely bug free, we'll never ship a release.
Shipping 1.7.0 doesn't mean we stop work - these could continue to be
investigated for 1.7.1 while users get a significant set of bug fixes and
improvements in 1.7.0.
-alan-
On 11/19/20 8:32 AM, Walter Harms wrote:
> I would ask to wait before releasing a new version.
> Actually I had no time to check that, maybe they are all fixed now.
> NTL we should investigate and fix.
>
> btw: gcc has some warnings for xts also
>
> Vittorio Zecca reported that xts5 finds some more issues.
> SUMMARY: AddressSanitizer: heap-use-after-free /home/vitti/rpmbuil/SOURCES/libX11-1.6.12/src/DrPoint.c:47 in XDrawPoint
> SUMMARY: AddressSanitizer: heap-use-after-free /home/vitti/rpmbuild/SOURCES/libX11-1.6.12/src/SetClMask.c:40 in XSetClipMask
> SUMMARY: AddressSanitizer: heap-use-after-free /home/vitti/rpmbuild/SOURCES/libX11-1.6.12/src/CrGC.c:339 in XFlushGC
> SUMMARY: AddressSanitizer: heap-buffer-overflow (/home/vitti/libasan.so+0x39dd2) in __interceptor_memcpy
> SUMMARY: AddressSanitizer: double-free (/home/vitti/libasan.so+0xab0c7) in __interceptor_free
> SUMMARY: AddressSanitizer: heap-use-after-free /home/vitti/rpmbuild/SOURCES/libX11-1.6.12/src/DrLine.c:50 in XDrawLine
> SUMMARY: AddressSanitizer: heap-buffer-overflow (/home/vitti/libasan.so+0x589c2) in __interceptor_strncpy
> SUMMARY: AddressSanitizer: heap-buffer-overflow (/home/vitti/libasan.so+0x39dd2) in __interceptor_memcpy
> SUMMARY: AddressSanitizer: heap-buffer-overflow (/home/vitti/libasan.so+0x39dd2) in __interceptor_memcpy
> SUMMARY: AddressSanitizer: heap-use-after-free /home/vitti/rpmbuild/SOURCES/libX11-1.6.12/src/DrLine.c:50 in XDrawLine
>
> SUMMARY: AddressSanitizer: heap-use-after-free /home/vitti/rpmbuild/SOURCES/libX11-1.6.12/src/QuExt.c:43 in XQueryExtension
>
> ________________________________________
> From: Keith Packard <keithp at keithp.com>
> Sent: Tuesday, 17 November 2020 03:11
> To: Alan Coopersmith; Walter Harms; Matthieu Herrb; xorg-devel at lists.freedesktop.org
> Cc: Vittorio Zecca
> Subject: Re: AW: Preparing for libX11 1.7.0
>
> Alan Coopersmith <alan.coopersmith at oracle.com> writes:
>
>> https://lists.x.org/archives/xorg/2020-November/060510.html
>
> I've reviewed this message and believe that this issue has already been
> fixed on Xlib master -- Jacek Caban provided a set of fixes over three
> years ago which have been merged along with some small additional work I
> did as well:
>
> https://gitlab.freedesktop.org/xorg/lib/libx11/-/merge_requests/56
>
> This series gives up on ever freeing locale information due to Xlib API
> design issues, so it's likely to avoid accessing something after it has
> been freed.
>
> --
> -keith
>
--
-Alan Coopersmith- alan.coopersmith at oracle.com
Oracle Solaris Engineering - https://blogs.oracle.com/alanc