Your message dated Sat, 16 Nov 2019 10:08:47 +0000
with message-id
<83c9ffab6f08361485f70dda4733a7a24aeec09b.ca...@adam-barratt.org.uk>
and subject line Closing bugs for 10.2 point release fixes
has caused the Debian Bug report #940548,
regarding buster-pu: package nx-libs/2:3.5.99.19-3+deb10u2
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
940548: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940548
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: important
Tags: buster
User: [email protected]
Usertags: pu
Dear release team,
I just uploaded a regression fix of nx-libs to Debian buster (+deb10u2).
A severe issue had been discovered that slipped through my awareness
filter (I am sorry for this!):
+ * debian/patches:
+ + Fix 0033_Screen.c-fix-two-memleaks.patch. Was not fully cherry-picked.
+ Fixes double free issue. (Closes: #940103).
-> The nxagent Xserver of the current nx-libs version (+deb10u1) in
buster (10.1) segfaults with a double free issue immediately after
session startup. This makes the nxagent unusable and entirely breaks X2Go
Server.
Test-wise, this can be reproduced by launching "nxagent -ac :1" locally
(in nested mode).
```
[...]
NXAGENT - Version 3.5.99.19
Copyright (c) 2001, 2011 NoMachine (http://www.nomachine.com)
Copyright (c) 2008-2014 Oleksandr Shneyder <[email protected]>
Copyright (c) 2011-2016 Mike Gabriel <[email protected]>
Copyright (c) 2014-2016 Ulrich Sibiller <[email protected]>
Copyright (c) 2014-2016 Mihai Moldovan <[email protected]>
Copyright (c) 2015-2016 Qindel Group (http://www.qindel.com)
See https://github.com/ArcticaProject/nx-libs for more information.
Info: Agent running with pid '18512'.
Session: Starting session at 'Tue Sep 17 09:13:39 2019'.
free(): double free detected in tcache 2
Aborted
```
Fixing this issue is highly pressing, so I'd like to ask to get this into
Debian buster before the next point release, that is: asap. Sorry for
causing this hassle.
+ * debian/patches:
+ + Add 0051-Screen.c-initialize-RandR-only-on-startup.patch. Regression
+ fix introduced with +deb10u1 upload (by patch 0014).
-> Upstream also fixed another double free issue, also introduced by a patch
that got added with +deb10u1. This problem has not been so obvious; it
only occurs when resuming a suspended session. Resuming sessions is one
of X2Go's core features, so it would be good to get this fixed in buster
asap, too.
Thanks + sorry for the inconvenience.
Mike
-- System Information:
Debian Release: 10.1
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru nx-libs-3.5.99.19/debian/changelog nx-libs-3.5.99.19/debian/changelog
--- nx-libs-3.5.99.19/debian/changelog 2019-06-22 11:49:12.000000000 +0200
+++ nx-libs-3.5.99.19/debian/changelog 2019-09-16 16:30:50.000000000 +0200
@@ -1,3 +1,13 @@
+nx-libs (2:3.5.99.19-3+deb10u2) buster; urgency=medium
+
+ * debian/patches:
+ + Fix 0033_Screen.c-fix-two-memleaks.patch. Was not fully cherry-picked.
+ Fixes double free issue. (Closes: #940103).
+ + Add 0051-Screen.c-initialize-RandR-only-on-startup.patch. Regression
+ fix introduced with +deb10u1 upload (by patch 0014).
+
+ -- Mike Gabriel <[email protected]> Mon, 16 Sep 2019 16:30:50 +0200
+
nx-libs (2:3.5.99.19-3+deb10u1) buster; urgency=medium
* Patch backport of upstream's memleak-hunt...
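Review bot: the second bullet of the new entry, "Regression fix introduced with +deb10u1 upload (by patch 0014)", reads as if the fix itself was introduced by patch 0014; reword it so the regression is what 0014 introduced, for example "Fixes regression introduced with the +deb10u1 upload (by patch 0014)". Only the first bullet carries a bug reference (Closes: #940103); the second could cite the upstream issue named in the patch header, ArcticaProject/nx-libs#833, so the resume-time double free is traceable from the changelog.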
diff -Nru nx-libs-3.5.99.19/debian/patches/0033_Screen.c-fix-two-memleaks.patch
nx-libs-3.5.99.19/debian/patches/0033_Screen.c-fix-two-memleaks.patch
--- nx-libs-3.5.99.19/debian/patches/0033_Screen.c-fix-two-memleaks.patch
2019-06-22 11:49:12.000000000 +0200
+++ nx-libs-3.5.99.19/debian/patches/0033_Screen.c-fix-two-memleaks.patch
2019-09-16 16:30:50.000000000 +0200
@@ -46,16 +46,24 @@
return FALSE;
}
-@@ -1399,7 +1414,7 @@
- free(pScreen->allowedDepths[i].vids);
- }
-
+@@ -1391,15 +1406,7 @@
+ * by fbScreenInit with our own.
+ */
+
+- for (int i = 0; i < pScreen->numDepths; i++)
+- {
+- #ifdef DEBUG
+- fprintf(stderr, "%s: depth [%d] index [%d] vids [%p]\n", __func__,
pScreen->allowedDepths[i].depth, i, (void*) pScreen->allowedDepths[i].vids);
+- #endif
+- free(pScreen->allowedDepths[i].vids);
+- }
+-
- free(pScreen -> allowedDepths);
+ freeDepths(pScreen->allowedDepths, pScreen->numDepths);
pScreen -> allowedDepths = depths;
pScreen -> numDepths = numDepths;
pScreen -> rootDepth = rootDepth;
-@@ -2146,11 +2161,8 @@
+@@ -2146,11 +2153,8 @@
* them again.
*/
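Review bot: in the rewritten inner hunk at `@@ -1391,15 +1406,7 @@`, releasing each `allowedDepths[i].vids` now rests entirely on `freeDepths()`, whose body is not part of this debdiff; the patch description should state that `freeDepths()` frees the `vids` arrays as well as the array itself, so a reader can see why the loop that the previous version left in place as context ahead of the `freeDepths(...)` call produced the double free. The removed loop also held the only `#ifdef DEBUG` trace of the pointers being freed; if that trace is still wanted it belongs inside `freeDepths()`. The shift of the following inner header from 2161 to 2153 is consistent with the eight lines dropped here.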
@@ -69,7 +77,7 @@
pScreen->numDepths = 0;
-@@ -2160,7 +2172,6 @@
+@@ -2160,7 +2164,6 @@
free(((PixmapPtr)pScreen -> devPrivate) -> devPrivate.ptr);
free(pScreen->devPrivate);pScreen->devPrivate = NULL;
diff -Nru
nx-libs-3.5.99.19/debian/patches/0051-Screen.c-initialize-RandR-only-on-startup.patch
nx-libs-3.5.99.19/debian/patches/0051-Screen.c-initialize-RandR-only-on-startup.patch
---
nx-libs-3.5.99.19/debian/patches/0051-Screen.c-initialize-RandR-only-on-startup.patch
1970-01-01 01:00:00.000000000 +0100
+++
nx-libs-3.5.99.19/debian/patches/0051-Screen.c-initialize-RandR-only-on-startup.patch
2019-09-16 16:30:50.000000000 +0200
@@ -0,0 +1,37 @@
+From a7abd45a82737bfcba7af6ba46d3f372a5f97de6 Mon Sep 17 00:00:00 2001
+From: Ulrich Sibiller <[email protected]>
+Date: Mon, 12 Aug 2019 23:11:34 +0200
+Subject: [PATCH] Screen.c: initialize RandR only on startup...
+
+... not on reconnect. After the reconnect RRCloseScreen was called
+twice which caused a double free. This was introduced with
+3b06ad51d91ff2b9442f159cddf34ed03bc2dd35
+
+Fixes ArcticaProject/nx-libs#833
+---
+ nx-X11/programs/Xserver/hw/nxagent/Screen.c | 12 ++++++------
+ 1 file changed, 6 insertions(+), 6 deletions(-)
+
+--- a/nx-X11/programs/Xserver/hw/nxagent/Screen.c
++++ b/nx-X11/programs/Xserver/hw/nxagent/Screen.c
+@@ -1702,14 +1702,14 @@
+
+ #define POSITION_OFFSET (pScreen->myNum * (nxagentOption(Width) + \
+ nxagentOption(Height)) / 32)
+- }
+
+- /*
+- * Complete the initialization of the RANDR
+- * extension.
+- */
++ /*
++ * Complete the initialization of the RANDR
++ * extension.
++ */
+
+- nxagentInitRandRExtension(pScreen);
++ nxagentInitRandRExtension(pScreen);
++ }
+
+ #ifdef TEST
+ nxagentPrintAgentGeometry(NULL, "nxagentOpenScreen:");
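Review bot: the hunk at `@@ -1702,14 +1702,14 @@` moves `nxagentInitRandRExtension(pScreen);` inside a block whose opening condition lies outside the three lines of context, so the startup-versus-reconnect guard that the commit message relies on cannot be checked from this patch alone; wider context, or a comment on the closing `}` naming the condition, would make that reviewable. The header cites upstream commit 3b06ad51d91ff2b9442f159cddf34ed03bc2dd35 as the origin of the regression while the changelog calls it "patch 0014"; stating that mapping in the patch header, together with a DEP-3 `Origin:` line for a7abd45a82737bfcba7af6ba46d3f372a5f97de6, would tie the two together.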
diff -Nru nx-libs-3.5.99.19/debian/patches/series
nx-libs-3.5.99.19/debian/patches/series
--- nx-libs-3.5.99.19/debian/patches/series 2019-06-22 11:49:12.000000000
+0200
+++ nx-libs-3.5.99.19/debian/patches/series 2019-09-16 16:30:50.000000000
+0200
@@ -25,6 +25,7 @@
0042_mi-miexpose.c-add-missing-free.patch
0049_xkb-fix-what-looks-to-be-a-copy-paste-error-with-fir.patch
0050_Keyboard.c-fix-another-cppcheck-finding.patch
+0051-Screen.c-initialize-RandR-only-on-startup.patch
2001_nx-X11_install-location.debian.patch
2002_xserver-xext_set-securitypolicy-path.debian.patch
2003_nxdialog-use-python3.patch
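Review bot: the added line `0051-Screen.c-initialize-RandR-only-on-startup.patch` uses a hyphen after the number, while the neighbouring entry `0050_Keyboard.c-fix-another-cppcheck-finding.patch` and the others in context use an underscore; renaming it to start with `0051_` would keep the series consistent. Its position after 0050 and before the 2001 to 2003 Debian-specific patches is the right place for an upstream backport.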
--- End Message ---
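The ownership mistake behind the first fix, as an added C example that is not part of the thread or of nx-libs: a partially cherry-picked change leaves the caller's old per-element free loop in place ahead of a helper that frees the same pointers. The names `Depth`, `free_depths`, `tracked_free`, `finish` and `teardown` are constructed for the illustration, and it assumes that the real `freeDepths()` releases each `vids` array as well as the array itself, which the debdiff does not show.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-in for a screen's per-depth record. */
typedef struct { int depth; unsigned long *vids; } Depth;

static void *freed[64];
static int nfreed, double_frees;

/* Stand-in for free(): records the pointer and counts a repeat instead
 * of handing the same pointer to the allocator twice. */
static void tracked_free(void *p)
{
    if (!p) return;
    for (int i = 0; i < nfreed; i++)
        if (freed[i] == p) { double_frees++; return; }
    if (nfreed < 64) freed[nfreed++] = p;
}

/* Really release everything recorded, return and reset the repeat count. */
static int finish(void)
{
    int n = double_frees;
    while (nfreed > 0) free(freed[--nfreed]);
    double_frees = 0;
    return n;
}

/* Helper that owns the whole teardown (assumed behaviour of freeDepths). */
static void free_depths(Depth *d, int n)
{
    for (int i = 0; i < n; i++) tracked_free(d[i].vids);
    tracked_free(d);
}

/* keep_old_loop = 1 models the partial cherry-pick: the caller still
 * frees every vids array itself before calling the helper. */
static int teardown(int n, int keep_old_loop)
{
    Depth *d = calloc(n, sizeof *d);
    if (!d) abort();
    for (int i = 0; i < n; i++) d[i].vids = calloc(2, sizeof *d[i].vids);
    if (keep_old_loop)
        for (int i = 0; i < n; i++) tracked_free(d[i].vids);
    free_depths(d, n);
    return finish();
}

int main(void)
{
    printf("partial cherry-pick:  %d double frees\n", teardown(3, 1));
    printf("complete cherry-pick: %d double frees\n", teardown(3, 0));
    return 0;
}
```

With glibc's real `free()` the first repeat is what triggers the "double free detected in tcache 2" abort quoted in the report; the tracking wrapper only makes the count observable without crashing.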
--- Begin Message ---
Package: release.debian.org
Version: 10.2
Hi,
The fixes referenced by these bugs were included in today's 10.2 stable
point release.
Regards,
Adam
--- End Message ---