On Mon, Feb 9, 2015 at 2:08 AM, Santiago Ruano Rincón <santi...@riseup.net> wrote:
> On 01/02/15 at 08:39, Jim Meyering wrote:
>> I obtained a CVE number for this flaw and added a reference to it in NEWS.
>> Also fixed a now-unnecessary "goto" in related code.
>
> Hi,
>
> I'm running the kwset-abuse test, but I don't get any difference with or
> without the fix for this CVE (in kwset.c). Do you think there is an
> issue with the test? Maybe something related to my platform?
>
> Cheers,
>
> Santiago
>
> PS. kwset-abuse.log attached
Thanks for checking. I've just confirmed that backing out that fix and running kwset-abuse does trigger a segfault on a rawhide x86-64 system, but not on a debian unstable (also x86-64) system. The trouble is that the test case is sensitive to the implementation details of the allocator and system details like page size. The test case was designed to trigger the segfault, given a particular observed behavior. If you can tune the test to trigger a failure on your system, I'd be happy to accept a patch that adds another case for that.
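The reply above explains why the test fires on one x86-64 box and not another: whether an out-of-bounds read past a heap buffer actually faults depends on what the allocator happened to map next to it and on the page size. The following C program is an added illustration of that point and of the usual remedy; it is not code from grep, not the kwset.c fix, and does not reproduce the kwset bug. The `over_read` function is a constructed stand-in for a one-byte over-read, and the program assumes a POSIX system with `mmap`, `mprotect` and `fork` (Linux behaviour; the fault is SIGSEGV there, SIGBUS on some other systems). It runs the same over-read twice, once against a `malloc`'d buffer and once against a buffer placed flush against a PROT_NONE guard page, and reports which signal, if any, killed the child.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed stand-in for a buggy scanner: reads buf[len], one byte past
 * the end of a len-byte buffer. This is the kind of defect a test such as
 * kwset-abuse tries to provoke; it is NOT the grep kwset.c bug itself. */
static int over_read(const unsigned char *buf, size_t len)
{
    volatile unsigned char sink = buf[len];   /* out-of-bounds read */
    return sink;
}

/* A buffer placed flush against a PROT_NONE guard page, plus what is
 * needed to release the mapping again. */
struct guarded {
    unsigned char *buf;   /* len usable bytes; buf[len] is on the guard page */
    unsigned char *base;  /* start of the whole mapping, for munmap */
    size_t total;         /* size of the whole mapping */
};

/* Map enough pages for len bytes plus one extra page, make the extra page
 * inaccessible, and hand back a pointer so the buffer ends exactly at the
 * guard page. Any read past buf[len-1] then faults on every allocator and
 * page size, which is what a regression test for an over-read needs. */
static int guarded_alloc(size_t len, struct guarded *g)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    size_t data_pages = (len + page - 1) / page;
    g->total = (data_pages + 1) * page;
    g->base = mmap(NULL, g->total, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (g->base == MAP_FAILED)
        return -1;
    if (mprotect(g->base + data_pages * page, page, PROT_NONE) != 0) {
        munmap(g->base, g->total);
        return -1;
    }
    g->buf = g->base + data_pages * page - len;
    return 0;
}

/* Run fn(buf, len) in a forked child and report how it ended: the
 * terminating signal number, 0 for a normal exit, -1 on harness error. */
static int run_and_get_signal(int (*fn)(const unsigned char *, size_t),
                              const unsigned char *buf, size_t len)
{
    int status = 0;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        fn(buf, len);
        _exit(0);
    }
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

/* The over-read against a plain malloc'd buffer. malloc rounds small sizes
 * up and keeps the neighbouring bytes mapped, so on common allocators this
 * returns 0: the bug is present but nothing crashes. */
int probe_malloc(size_t len)
{
    unsigned char *buf = malloc(len ? len : 1);
    int sig;
    if (!buf)
        return -1;
    memset(buf, 'a', len);
    sig = run_and_get_signal(over_read, buf, len);
    free(buf);
    return sig;
}

/* The same over-read against a guard page: returns SIGSEGV (SIGBUS on some
 * systems) every time, independent of allocator and page size. */
int probe_guarded(size_t len)
{
    struct guarded g;
    int sig;
    if (guarded_alloc(len, &g) != 0)
        return -1;
    memset(g.buf, 'a', len);
    sig = run_and_get_signal(over_read, g.buf, len);
    munmap(g.base, g.total);
    return sig;
}

/* 1 when the guard-page probe catches the over-read that the malloc probe
 * lets through, i.e. when the guard page is what makes the test reliable. */
int guard_page_makes_fault_deterministic(size_t len)
{
    int s = probe_guarded(len);
    return (s == SIGSEGV || s == SIGBUS) && probe_malloc(len) == 0;
}
```

The same effect can be had without changing the test at all by running it under a guard-page allocator such as Electric Fence, or under AddressSanitizer, which flags the over-read on the first byte regardless of where malloc put the buffer; the guard-page construction above is simply the portable way to build that guarantee into a test like kwset-abuse itself.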