diff --git a/debian/changelog b/debian/changelog index ad187f6b..002f1298 100644 --- a/debian/changelog +++ b/debian/changelog @@ -2,6 +2,9 @@ ostree (2018.6-3) UNRELEASED; urgency=medium * d/p/avahi-Fail-immediately-if-we-can-t-talk-to-D-Bus-or-Avahi.patch: Mark as applied upstream + * d/p/OstreeRepoFinderConfig-Fix-guint-gsize-confusion.patch: + Add patch to fix incorrect type aliasing that caused assertion + failures on 64-bit big-endian platforms (Closes: #902209) -- Simon McVittie Sat, 23 Jun 2018 13:15:28 +0100 diff --git a/debian/patches/OstreeRepoFinderConfig-Fix-guint-gsize-confusion.patch b/debian/patches/OstreeRepoFinderConfig-Fix-guint-gsize-confusion.patch new file mode 100644 index 00000000..9964c713 --- /dev/null +++ b/debian/patches/OstreeRepoFinderConfig-Fix-guint-gsize-confusion.patch 
@@ -0,0 +1,52 @@
+From: Simon McVittie
+Date: Sun, 24 Jun 2018 12:56:49 +0100
+Subject: OstreeRepoFinderConfig: Fix guint/gsize confusion
+
+If a function has a guint "out argument", passing a pointer to a gsize
+is not, in general, valid. On an ILP64 platform there is no problem
+since guint and gsize are identical, but on an LP64 platform it will
+overwrite only the first word of the gsize, leaving the second word
+unaffected. On little-endian machines, if the second word is
+zero-initialized (as it is here), the result is numerically equal to
+the guint, but on big-endian machines the result is around 4 billion
+times what it should be, resulting in
+ostree_repo_finder_config_resolve_async() reading past the end of
+the array and causing undefined behaviour.
+
+In practice this caused assertion failures (and consequently test
+failures) on Debian's s390x (z/Architecture), ppc64 (64-bit PowerPC)
+and sparc64 (64-bit SPARC) ports.
+
+Bug: https://github.com/ostreedev/ostree/issues/1640
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902209
+Forwarded: https://github.com/ostreedev/ostree/pull/1641
+Signed-off-by: Simon McVittie
+---
+ src/libostree/ostree-repo-finder-config.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/libostree/ostree-repo-finder-config.c b/src/libostree/ostree-repo-finder-config.c
+index 4366d72..06f6165 100644
+--- a/src/libostree/ostree-repo-finder-config.c
++++ b/src/libostree/ostree-repo-finder-config.c
+@@ -96,7 +96,7 @@ ostree_repo_finder_config_resolve_async (OstreeRepoFinder *find
+ GHashTableIter iter;
+ const gchar *remote_name;
+ g_auto(GStrv) remotes = NULL;
+- gsize n_remotes = 0;
++ guint n_remotes = 0;
+
+ task = g_task_new (finder, cancellable, callback, user_data);
+ g_task_set_source_tag (task, ostree_repo_finder_config_resolve_async);
+@@ -106,9 +106,9 @@ ostree_repo_finder_config_resolve_async (OstreeRepoFinder *find
+
+ /* List all remotes in this #OstreeRepo and see which of their ref lists
+ * intersect with @refs. */
+- remotes = ostree_repo_remote_list (parent_repo, (guint *) &n_remotes);
++ remotes = ostree_repo_remote_list (parent_repo, &n_remotes);
+
+- g_debug ("%s: Checking %" G_GSIZE_FORMAT " remotes", G_STRFUNC, n_remotes);
++ g_debug ("%s: Checking %u remotes", G_STRFUNC, n_remotes);
+
+ for (i = 0; i < n_remotes; i++)
+ {
diff --git a/debian/patches/series b/debian/patches/series
index c46336dc..0959dad3 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1,3 @@
 lib-repo-Fix-32-bit-format-string-error.patch
 avahi-Fail-immediately-if-we-can-t-talk-to-D-Bus-or-Avahi.patch
+OstreeRepoFinderConfig-Fix-guint-gsize-confusion.patch
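Review bot: In the embedded patch to src/libostree/ostree-repo-finder-config.c, the new `guint n_remotes = 0;` declaration gives no hint of why its type matters, and the defect being fixed was only possible because the removed `(guint *)` cast silenced the compiler's incompatible-pointer diagnostic. I would add a comment on the declaration, e.g. `/* must be guint to match the out parameter of ostree_repo_remote_list(); do not widen and cast */`, so that a later size-type cleanup does not reintroduce the out-of-bounds read described in the commit message. The loop `for (i = 0; i < n_remotes; i++)` relies on `i`, whose declaration is outside the hunk, so its type should be checked against `guint` as well. The body of ostree_repo_finder_config_resolve_async() starts and ends outside both hunks.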