Your message dated Fri, 19 Jun 2009 07:47:24 +0000
with message-id <[email protected]>
and subject line Bug#530131: fixed in ltp 20090531+dfsg-2
has caused the Debian Bug report #530131,
regarding libcurl3-gnutls has memory corruption
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
530131: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530131
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libcurl3-gnutls
Version: 7.18.2-8lenny2
Hello!
I'm using libcurl-7.18.2 with GNU-TLS, with curl_multi_* interface.
I'm not using share handles. When i start my program on server with
high bandwidth rate, with a large amount of network streams, libcurl
causes memory corruption.
I've wrote simple testcase(libcurl_bug_testcase.c), that reproduces
programs behaviour. Don't worry about irrational usage of
curl_easy_setopt, this is done to duplicate behaviour of my
apllication, which is much more complex then this testcase. Also i'm
attaching links set, with which bug appears(links.txt).
When i run testcase under valgrind, in 80 network streams, there is
memory corruption in libcurl. There is invalid write of 4 bytes in
multi_runsingle (multi.c:907), which causes magic behaviour. You can
see it in attachment(valgrind_error_log.txt). If i run testcase
without valgrind, memory corruption results in segmentation fault.
I checked this testcase with libcurl-7.19.5 and it seems, that bug is
fixed in it(i configured it with folowing options:
--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt --without-ssl
--with-gnutls --without-libssh2).
My system info:
uname -a
Linux * 2.6.26-2-686 #1 SMP Thu Mar 26 01:08:11 UTC 2009 i686 GNU/Linux
aptitude show libcurl3-gnutls
Package: libcurl3-gnutls
State: installed
Automatically installed: yes
Version: 7.18.2-8lenny2
Priority: optional
Section: libs
Maintainer: Domenico Andreoli <[email protected]>
Uncompressed Size: 418k
Depends: libc6 (>= 2.7-1), libgnutls26 (>= 2.4.0-0), libidn11
(>= 0.5.18), libkrb53 (>= 1.6.dfsg.2), libldap-2.4-2 (>= 2.4.7),
zlib1g (>= 1:1.1.4), ca-certificates
Conflicts: libcurl4-gnutls
Replaces: libcurl4-gnutls
Description: Multi-protocol file transfer library (GnuTLS)
libcurl is designed to be a solid, usable, reliable and
portable multi-protocol file transfer library.
SSL support is provided by GnuTLS.
This is the shared version of libcurl.
Homepage: http://curl.haxx.se
gcc -v
Using built-in specs.
Target: i486-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Debian
4.3.2-1.1' --with-bugurl=file:///usr/share/doc/gcc-4.3/README.Bugs
--enable-languages=c,c++,fortran,objc,obj-c++ --prefix=/usr
--enable-shared --with-system-zlib --libexecdir=/usr/lib
--without-included-gettext --enable-threads=posix --enable-nls
--with-gxx-include-dir=/usr/include/c++/4.3 --program-suffix=-4.3
--enable-clocale=gnu --enable-libstdcxx-debug --enable-objc-gc
--enable-mpfr --enable-targets=all --enable-cld
--enable-checking=release --build=i486-linux-gnu --host=i486-linux-gnu
--target=i486-linux-gnu
Thread model: posix
gcc version 4.3.2 (Debian 4.3.2-1.1)
Attachments:
libcurl_bug_testcase.c - testcase, that reproduces memory corruption.
links.txt - file with links, that should be passed to testcase.
valgrind_error_log.txt - valgrind output on my server/desktop.
With best regards, Piter Smith.
attachments.tar.gz
Description: GNU Zip compressed data
--- End Message ---
--- Begin Message ---
Source: ltp
Source-Version: 20090531+dfsg-2
We believe that the bug you reported is fixed in the latest version of
ltp, which is due to be installed in the Debian FTP archive:
ltp-commands-test_20090531+dfsg-2_i386.deb
to pool/main/l/ltp/ltp-commands-test_20090531+dfsg-2_i386.deb
ltp-dev_20090531+dfsg-2_i386.deb
to pool/main/l/ltp/ltp-dev_20090531+dfsg-2_i386.deb
ltp-disc-test_20090531+dfsg-2_i386.deb
to pool/main/l/ltp/ltp-disc-test_20090531+dfsg-2_i386.deb
ltp-kernel-test_20090531+dfsg-2_i386.deb
to pool/main/l/ltp/ltp-kernel-test_20090531+dfsg-2_i386.deb
ltp-misc-test_20090531+dfsg-2_i386.deb
to pool/main/l/ltp/ltp-misc-test_20090531+dfsg-2_i386.deb
ltp-network-test_20090531+dfsg-2_i386.deb
to pool/main/l/ltp/ltp-network-test_20090531+dfsg-2_i386.deb
ltp-tools_20090531+dfsg-2_i386.deb
to pool/main/l/ltp/ltp-tools_20090531+dfsg-2_i386.deb
ltp_20090531+dfsg-2.diff.gz
to pool/main/l/ltp/ltp_20090531+dfsg-2.diff.gz
ltp_20090531+dfsg-2.dsc
to pool/main/l/ltp/ltp_20090531+dfsg-2.dsc
ltp_20090531+dfsg-2_all.deb
to pool/main/l/ltp/ltp_20090531+dfsg-2_all.deb
ltp_20090531+dfsg.orig.tar.gz
to pool/main/l/ltp/ltp_20090531+dfsg.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jiri Palecek <[email protected]> (supplier of updated ltp package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 17 Jun 2009 01:44:35 +0200
Source: ltp
Binary: ltp-tools ltp-dev ltp-kernel-test ltp-network-test ltp-commands-test
ltp-misc-test ltp-disc-test ltp
Architecture: source all i386
Version: 20090531+dfsg-2
Distribution: unstable
Urgency: low
Maintainer: Jiri Palecek <[email protected]>
Changed-By: Jiri Palecek <[email protected]>
Description:
ltp - The Linux Test Project test suite
ltp-commands-test - Command tests for the Linux Test Project
ltp-dev - development files for Linux Test Project
ltp-disc-test - Disk I/O tests for the Linux Test Project
ltp-kernel-test - kernel tests for the Linux Test Project
ltp-misc-test - Misc. tests for the Linux Test Project
ltp-network-test - Network tests for the Linux Test Project
ltp-tools - Utilities for running the Linux Test Project test suite
Closes: 520837 530129 530130 530131 530132 530133
Changes:
ltp (20090531+dfsg-2) unstable; urgency=low
.
* Fix some build failures (thanks Riku Voipio)
.
ltp (20090531+dfsg-1) unstable; urgency=low
.
* New upstream version
- some executables (eg. pan) are renamed (eg. to ltp-pan)
* Install files under /usr/lib/ltp/ instead of /usr/lib/debian-test/
* First version of new ltpmenu2 script, rewritten in perl, with
perspective of future improvements
* Change the dependency on libcap2-dev to allow satisfying it with
libcap-dev, thanks to Torsten Werner (Closes: #520837).
* Fix some bashisms (closes: #530129, #530130, #530131, #530132, #530133)
* Recommend all ltp-*-test packages in ltp (thanks Marc Tardif)
Checksums-Sha1:
555292768911b237b979931596a7aa503bf1a36a 1400 ltp_20090531+dfsg-2.dsc
60489ab74b4debdd71e618a70777b40255cabeba 4849284 ltp_20090531+dfsg.orig.tar.gz
d5394bcb417d0b74ea6ef9baaec4f1ce1e79617e 86839 ltp_20090531+dfsg-2.diff.gz
bdbf06e8abeb05829d9bb5e55019871022877ebb 284652 ltp_20090531+dfsg-2_all.deb
4e44b232cb9d69a3a5972e816db44e1d49baa7ac 346800
ltp-tools_20090531+dfsg-2_i386.deb
b2f23a08c107929137f25f3ddb18b51a663911cf 345416
ltp-dev_20090531+dfsg-2_i386.deb
445936d3ab344e8a751414f3fdbbb44f42343d89 5191678
ltp-kernel-test_20090531+dfsg-2_i386.deb
43df01e5423609934026a0a84f34ad10a02fd715 751122
ltp-network-test_20090531+dfsg-2_i386.deb
4a4114a9a82a748a4852031c3fc634e15ee3995d 326014
ltp-commands-test_20090531+dfsg-2_i386.deb
bb39fbec9a860dbeffa09fd580d998d671cf20f0 6204694
ltp-misc-test_20090531+dfsg-2_i386.deb
9c2574cac5913b88fcc6ccb88673867f63b6ae83 315088
ltp-disc-test_20090531+dfsg-2_i386.deb
Checksums-Sha256:
d987fdaee4d0473e24984dd455226e406e12e6b5f11d5ba67e7e49277097b911 1400
ltp_20090531+dfsg-2.dsc
e61fb20386e09d74be586849921516f005f66fbb63a71367440d26b12fdb78af 4849284
ltp_20090531+dfsg.orig.tar.gz
e2318b75de9f11ebeab41a81f9b4e405dec7823b0f2d7a3a2bfd29d056a908ee 86839
ltp_20090531+dfsg-2.diff.gz
e2109009dba81ead63013efc365c460fcc734dacd62ddfb771d5612d4866a9cd 284652
ltp_20090531+dfsg-2_all.deb
7923fa02d3d1b7eb447475ef24429abf3f022d3e9ef1da36b0709f16320bc449 346800
ltp-tools_20090531+dfsg-2_i386.deb
7919503ba76e05f629a3fba99770b47be8531820d2c6e9e071dc7d9e1579183a 345416
ltp-dev_20090531+dfsg-2_i386.deb
78aae6c8394ea55c4fe87059ea739301812d7ae1879e97696b6d462133214f25 5191678
ltp-kernel-test_20090531+dfsg-2_i386.deb
b721f338c6979623fc80b509f4151f6d1f2f8c6d809607ba8ed4e3d3f0f7eb4e 751122
ltp-network-test_20090531+dfsg-2_i386.deb
d0a01f6b158c8fe7f91744e9f090eacb75ece9dd59147389ca15a67f709d8d83 326014
ltp-commands-test_20090531+dfsg-2_i386.deb
5200ea810178609cf1c80fe4e063d3466f94b03ad26fbc3cbd91a2b376e3aa66 6204694
ltp-misc-test_20090531+dfsg-2_i386.deb
50e3a99fb83cd3347560df7b56e67738fc8ae1b881b88deb1d6216bfe32a21ae 315088
ltp-disc-test_20090531+dfsg-2_i386.deb
Files:
507dc1b2563c2b095db02bd12c0670b4 1400 misc extra ltp_20090531+dfsg-2.dsc
23443bc63e4ff54884ceb8972a84243b 4849284 misc extra
ltp_20090531+dfsg.orig.tar.gz
1b2b6b298114e26d0f2a46c49e9bb88a 86839 misc extra ltp_20090531+dfsg-2.diff.gz
13378206fe8238e03cd7438400c53baf 284652 misc extra ltp_20090531+dfsg-2_all.deb
91a75f403a3606c127771e4ac7e34a61 346800 misc extra
ltp-tools_20090531+dfsg-2_i386.deb
e20031d068c6be477553eb37117a7c7b 345416 misc extra
ltp-dev_20090531+dfsg-2_i386.deb
2471b2ce6427723edda11765459bbea9 5191678 misc extra
ltp-kernel-test_20090531+dfsg-2_i386.deb
188cdb6e2b61d2394ee35d3366dd72ad 751122 misc extra
ltp-network-test_20090531+dfsg-2_i386.deb
ca6608d520579b2d64e5aea57500bdbb 326014 misc extra
ltp-commands-test_20090531+dfsg-2_i386.deb
0ed7f15fe9c6520c810279d48fbe2bdf 6204694 misc extra
ltp-misc-test_20090531+dfsg-2_i386.deb
d99d9e09a9ae69eb9dfd737c57b8bc96 315088 misc extra
ltp-disc-test_20090531+dfsg-2_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFKOz1PibPvMsrqrwMRAkm5AJ9VfPhT0nOE73aJkErUHYKgu2ax+QCeJvD9
qWKLzL73E7az1iRkvoQ7uQI=
=IEeB
-----END PGP SIGNATURE-----
--- End Message ---
