Package: libicu52
Version: 52.1-8+deb8u5
Severity: normal
Tags: upstream

Dear Maintainer,

While testing PostgreSQL 10 beta with ICU-52.1, crashing bugs were found on
certain combinations of inputs and collations.

One crash can be distilled to the following standalone test case:

#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "unicode/ustring.h"
#include "unicode/utypes.h"
#include "unicode/ucol.h"

/* Open a collator for locale `loc` and compare two UTF-8 strings with it. */
int utf8_compare(const char *loc, const char *s1, const char *s2)
{
    UCollator *coll;
    UCollationResult result;
    UErrorCode status = U_ZERO_ERROR;

    coll = ucol_open(loc, &status);
    if (U_FAILURE(status)) {
        fprintf(stderr, "ucol_open failed\n");
        exit(1);
    }

    /* The crash happens inside this call. */
    result = ucol_strcollUTF8(coll,
                              s1, strlen(s1),
                              s2, strlen(s2),
                              &status);

    /* Release the collator (only reached if the call above returns). */
    ucol_close(coll);
    return U_SUCCESS(status);
}

int main(void)
{
    /* This segfaults in memcpy after allocating 4*4GB and overflowing.
       Happens only with specific collations and inputs */
    utf8_compare("bs-Cyrl-BA-u-co-search",
                 "\xec\xb3\xad\xe5\x96\xa9\x7a\x7a",
                 "\xec\xbd\x97\xe5\x96\xa9\x7a\x78\xe3\x8e\x8d");
    return 0;
}

-- System Information:
Debian Release: 8.6
  APT prefers oldstable
  APT policy: (500, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/16 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libicu52 depends on:
ii  libc6              2.19-18+deb8u10
ii  libgcc1            1:4.9.2-10
ii  libstdc++6         4.9.2-10
ii  multiarch-support  2.19-18+deb8u6

libicu52 recommends no packages.

libicu52 suggests no packages.

-- no debconf information