Source: ispell
Version: 3.3.02-6
Severity: wishlist
Usertags: randomness toolchain


While working on Debian's “reproducible builds” effort [1], we have
noticed that buildhash from ispell produces unreproducible .hash files
(example [2]).

After some investigation, I found out that those undeterministic lines
come when "sflaglist" (which is a list of "flagent" structs) is written [3].
The problem is that "sizeof(struct flagent)" is 800 bytes, while the summed up
size of the individual members is only 794 bytes [4].
So after those 794 bytes are written, the remaining 6 bytes are read from
uninitialized memory (which is undeterministic).
Packing the struct (__attribute__ ((__packed__))) would probably help, but
is no solution as this would change the size of the .hash files and other
tools reading them will probably have problems.

The best solution is probably to initialize the whole sflaglist
(or each flagent) with zero when it is allocated.



Attachment: signature.asc
Description: OpenPGP digital signature

Reproducible-builds mailing list

Reply via email to