Source: ispell
Version: 3.3.02-6
Severity: wishlist
User: reproducible-builds@lists.alioth.debian.org
Usertags: randomness toolchain

Hi!

While working on Debian's “reproducible builds” effort [1], we have
noticed that buildhash from ispell produces unreproducible .hash files
(example [2]).

After some investigation, I found out that those undeterministic lines
come when "sflaglist" (which is a list of "flagent" structs) is written [3].
The problem is that "sizeof(struct flagent)" is 800 bytes, while the summed up
size of the individual members is only 794 bytes [4].
So after those 794 bytes are written, the remaining 6 bytes are read from
uninitialized memory (which is undeterministic).
Packing the struct (__attribute__ ((__packed__))) would probably help, but
is no solution as this would change the size of the .hash files and other
tools reading them will probably have problems.

The best solution is probably to initialize the whole sflaglist
(or each flagent) with zero when it is allocated.


Regards,
 Reiner

[1]: https://wiki.debian.org/ReproducibleBuilds
[2]: https://packages.debian.org/jessie/lava-server
[3]: https://sources.debian.net/src/ispell/3.3.02-6/buildhash.c/#L398
[4]: https://sources.debian.net/src/ispell/3.3.02-6/ispell.h/#L332

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Reproducible-builds mailing list
Reproducible-builds@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds

Reply via email to