Your message dated Wed, 02 Feb 2005 10:17:16 -0500
with message-id <[EMAIL PROTECTED]>
and subject line Bug#285435: fixed in perl 5.8.4-6
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
From: Jim Meyering <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: perl: silent write error can lead to data loss, with patch
X-Mailer: reportbug 3.4
Date: Mon, 13 Dec 2004 09:49:24 +0100
Message-Id: <[EMAIL PROTECTED]>

Package: perl
Version: 5.8.4-5
Severity: grave
Tags: security patch
Justification: causes non-serious data loss

At first I hesitated to give this the `security' tag, but if you care
about security/reliability and write to a file, then you do want this fix.
And calling this a `grave' bug might be accurate, but only if you're
constantly writing to a nearly-full disk.

I reported this upstream a couple of weeks ago, but was surprised
by the total lack of response.  Maybe you'll be more interested:

  http://www.xray.mpe.mpg.de/mailing-lists/perl5-porters/2004-12/msg00072.html
  http://rt.perl.org/rt3/index.html?q=32745

Sometimes, closing a Perl file handle succeeds even though there have
been write errors via that handle.  This bug appears to affect every
version of perl from 5.005_04 to 5.9.1.  I didn't build/test versions
earlier than 5.005_04, but the doio.c:do_close function in 5.003 looks
like it has the same problem.

Here's a quick demo that depends on two things:
  - you have a /dev/full device (Linux, HPUX, MacOS-X/Darwin)
  - 131072 is a multiple of your system's I/O buffer size

  perl -e 'print "x" x 131072; close STDOUT or die "$!\n"' \
    > /dev/full 2> /dev/null && echo fail || echo ok

It prints `fail' because at least one write system call failed and Perl's
`close' mistakenly succeeded.  It would print `ok' for any size output
other than a multiple of the output buffer size.  On the Linux systems
I've checked, that size is 4096.  On a ppc/Darwin (7.5.0) system I tested,
the buffer size was 131072.

This means that if your Perl script happens to write precisely the
wrong number of bytes to a full or corrupted disk or to a closed file
descriptor, even if you dutifully check for success when closing the
file handle, the error will go undetected.

Here's another demo.  Notice that it fails (as it should) for sizes
131071 and 131073, but not for output of size 131072.

  $ perl -e 'print "x" x 131071; close STDOUT or die "$!\n"' > /dev/full
  No space left on device
  [Exit 28]
  $ perl -e 'print "x" x 131072; close STDOUT or die "$!\n"' > /dev/full
  $ perl -e 'print "x" x 131073; close STDOUT or die "$!\n"' > /dev/full
  No space left on device
  [Exit 28]

After applying the patch below, the problematic case (with size being
a multiple of 4096 in my case), now fails, as it should:

  $ ./perl -e 'print "x" x 131072; close STDOUT or die "$!\n"' > /dev/full
  No space left on device
  [Exit 28]

On a Solaris 5.9 system, which lacks /dev/full, I demonstrated
the failure with the following small script that invokes perl with
stdout closed.  All invocations of perl should evoke the
`Bad file number' error.  But note that on some systems the
closed-stdout test succeeds (perl detects the error) even though
the write-to-/dev/full test fails.

    #!/bin/sh
    n=1024
    for i in 1 2 3 4 5 6; do
       echo $n
       perl -e 'print "x" x '$n'; close STDOUT or die "$!\n"' >&-
       n=`expr 2 \* $n`
    done

Here's the output:

    1024
    Bad file number
    2048
    Bad file number
    4096
    Bad file number
    8192
    Bad file number
    16384
    32768


This patch fixes the bug and induces no new failures in any of
these versions:

    5.005_04
    5.6.2
    5.8.6
    5.9.1

2004-11-30  Jim Meyering  <[EMAIL PROTECTED]>

        * doio.c (Perl_io_close): Make the return value depend not only on the
        success of the close itself, but also on whether the output stream had
        a previous error.

--- doio.c.orig 2004-11-29 19:41:05.747199832 +0100
+++ doio.c      2004-12-01 08:39:53.106764936 +0100
@@ -1014,11 +1014,14 @@ Perl_io_close(pTHX_ IO *io, bool not_imp
            retval = TRUE;
        else {
            if (IoOFP(io) && IoOFP(io) != IoIFP(io)) {          /* a socket */
-               retval = (PerlIO_close(IoOFP(io)) != EOF);
+               bool prev_err = PerlIO_error(IoOFP(io));
+               retval = (PerlIO_close(IoOFP(io)) != EOF && !prev_err);
                PerlIO_close(IoIFP(io));        /* clear stdio, fd already 
closed */
            }
-           else
-               retval = (PerlIO_close(IoIFP(io)) != EOF);
+           else {
+               bool prev_err = PerlIO_error(IoIFP(io));
+               retval = (PerlIO_close(IoIFP(io)) != EOF && !prev_err);
+           }
        }
        IoOFP(io) = IoIFP(io) = Nullfp;
     }
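
Review bot: In both branches, when prev_err is set but PerlIO_close() succeeds, retval becomes FALSE while nothing in this hunk sets errno, so a caller doing `close ... or die "$!"` prints whatever errno holds at that moment, which is the original write error only if nothing has overwritten it since. Consider recording errno when the stream error is first seen, or setting it explicitly before returning FALSE, and documenting that close now also reports earlier stream errors. The two branches also repeat the same sample-error, close, combine sequence; a small static helper taking the PerlIO handle would keep them from drifting apart. In the socket branch the return value of PerlIO_close(IoIFP(io)) and any error flag on IoIFP are still ignored, which deserves a comment if it is intentional.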


-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.9jmm
Locale: LANG=en_GB.iso88591, LC_CTYPE=en_GB.iso88591 (charmap=ISO-8859-1)

Versions of packages perl depends on:
ii  libc6                       2.3.2.ds1-19 GNU C Library: Shared libraries an
ii  libdb4.2                    4.2.52-17    Berkeley v4.2 Database Libraries [
ii  libgdbm3                    1.8.3-2      GNU dbm database routines (runtime
ii  perl-base                   5.8.4-5      The Pathologically Eclectic Rubbis
ii  perl-modules                5.8.4-5      Core Perl modules

-- no debconf information

---------------------------------------
From: Brendan O'Dea <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#285435: fixed in perl 5.8.4-6
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Wed, 02 Feb 2005 10:17:16 -0500

Source: perl
Source-Version: 5.8.4-6

We believe that the bug you reported is fixed in the latest version of
perl, which is due to be installed in the Debian FTP archive:

libcgi-fast-perl_5.8.4-6_all.deb
  to pool/main/p/perl/libcgi-fast-perl_5.8.4-6_all.deb
libperl-dev_5.8.4-6_i386.deb
  to pool/main/p/perl/libperl-dev_5.8.4-6_i386.deb
libperl-dev_5.8.4-6_powerpc.deb
  to pool/main/p/perl/libperl-dev_5.8.4-6_powerpc.deb
libperl-dev_5.8.4-6_sparc.deb
  to pool/main/p/perl/libperl-dev_5.8.4-6_sparc.deb
libperl5.8_5.8.4-6_i386.deb
  to pool/main/p/perl/libperl5.8_5.8.4-6_i386.deb
libperl5.8_5.8.4-6_powerpc.deb
  to pool/main/p/perl/libperl5.8_5.8.4-6_powerpc.deb
libperl5.8_5.8.4-6_sparc.deb
  to pool/main/p/perl/libperl5.8_5.8.4-6_sparc.deb
perl-base_5.8.4-6_i386.deb
  to pool/main/p/perl/perl-base_5.8.4-6_i386.deb
perl-base_5.8.4-6_powerpc.deb
  to pool/main/p/perl/perl-base_5.8.4-6_powerpc.deb
perl-base_5.8.4-6_sparc.deb
  to pool/main/p/perl/perl-base_5.8.4-6_sparc.deb
perl-debug_5.8.4-6_i386.deb
  to pool/main/p/perl/perl-debug_5.8.4-6_i386.deb
perl-debug_5.8.4-6_powerpc.deb
  to pool/main/p/perl/perl-debug_5.8.4-6_powerpc.deb
perl-debug_5.8.4-6_sparc.deb
  to pool/main/p/perl/perl-debug_5.8.4-6_sparc.deb
perl-doc_5.8.4-6_all.deb
  to pool/main/p/perl/perl-doc_5.8.4-6_all.deb
perl-modules_5.8.4-6_all.deb
  to pool/main/p/perl/perl-modules_5.8.4-6_all.deb
perl-suid_5.8.4-6_i386.deb
  to pool/main/p/perl/perl-suid_5.8.4-6_i386.deb
perl-suid_5.8.4-6_powerpc.deb
  to pool/main/p/perl/perl-suid_5.8.4-6_powerpc.deb
perl-suid_5.8.4-6_sparc.deb
  to pool/main/p/perl/perl-suid_5.8.4-6_sparc.deb
perl_5.8.4-6.diff.gz
  to pool/main/p/perl/perl_5.8.4-6.diff.gz
perl_5.8.4-6.dsc
  to pool/main/p/perl/perl_5.8.4-6.dsc
perl_5.8.4-6_i386.deb
  to pool/main/p/perl/perl_5.8.4-6_i386.deb
perl_5.8.4-6_powerpc.deb
  to pool/main/p/perl/perl_5.8.4-6_powerpc.deb
perl_5.8.4-6_sparc.deb
  to pool/main/p/perl/perl_5.8.4-6_sparc.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Brendan O'Dea <[EMAIL PROTECTED]> (supplier of updated perl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed,  2 Feb 2005 23:55:27 +1100
Source: perl
Binary: perl-base libcgi-fast-perl libperl-dev perl-debug perl-modules perl libperl5.8 perl-suid perl-doc
Architecture: all i386 powerpc source sparc 
Version: 5.8.4-6
Distribution: unstable
Urgency: high
Maintainer: Brendan O'Dea <[EMAIL PROTECTED]>
Changed-By: Brendan O'Dea <[EMAIL PROTECTED]>
Description: 
 libperl-dev - Perl library: development files
 libperl5.8 - Shared Perl library
 perl       - Larry Wall's Practical Extraction and Report Language
 perl-base  - The Pathologically Eclectic Rubbish Lister
 perl-debug - Debug-enabled Perl interpreter
 perl-suid  - Runs setuid Perl scripts
Closes: 285435 290336
Changes: 
 perl (5.8.4-6) unstable; urgency=high
 .
   * SECURITY [CAN-2005-0155, CAN-2005-0156]: apply Mandrake patch to
     perlio.c which removes a privilege escalation in debug mode and a
     buffer overflow.
 .
   * Make close return false if the stream had prior errors (patch from
     Jim Meyering; closes: #285435).
 .
   * Fix enc2xs to handle missing entries symlinks in @INC, and missing
     directories (thanks to Sven Hartge; closes: #290336).
 .
   * Add --no-backup-if-mismatch to patch/unpatch rules.
   * Correct some minor errors in 09_fix_insecure_tempfiles:  wrong
     quoting in c2ph.PL, documentation of .perldbtty in perldebug.pod .

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFCAOtw8NyOALKMWZURAvnRAJ9xoUsp27fCcLJJJ6uKoirMktcuegCgj7ls
CuKP8AxHS/rGWFOM4nKSjwk=
=zu7Y
-----END PGP SIGNATURE-----

