Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: pu
Hi, as described on #736254, a memory allocation bug in Wheezy's libglib-object-introspection-perl causes segfaults in reverse-dependencies (#695838). I've tracked this down to a single upstream commit, that has been part of sid since last June, and fixes the bug once applied on top of the Wheezy version. That's why I'm proposing to apply this patch on Wheezy (debdiff attached). The only reverse-dependencies of libglib-object-introspection-perl in Wheezy are libclutter-perl (that itself has no reverse-dependencies) and libgtk3-perl (whose only reverse-dependency is parcimonie, which I have successfully tested on a system with the proposed package update applied). So, the scope of potential adverse effect on packages included in stable seems very limited. May I upload libglib-object-introspection-perl 0.009-1+deb7u1 to stable? Cheers, -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
diff -Nru libglib-object-introspection-perl-0.009/debian/changelog libglib-object-introspection-perl-0.009/debian/changelog --- libglib-object-introspection-perl-0.009/debian/changelog 2012-05-24 13:36:25.000000000 +0200 +++ libglib-object-introspection-perl-0.009/debian/changelog 2014-01-21 17:13:12.000000000 +0100 @@ -1,3 +1,12 @@ +libglib-object-introspection-perl (0.009-1+deb7u1) stable; urgency=medium + + * 0001-Use-the-correct-allocator-for-caller-allocated-boxed.patch: + new patch, cherry-picked from upstream. This fixes incorrect memory + allocation that causes segfaults in reverse-dependencies + (Closes: #736254). + + -- intrigeri <intrig...@debian.org> Tue, 21 Jan 2014 17:10:07 +0100 + libglib-object-introspection-perl (0.009-1) unstable; urgency=low * Imported Upstream version 0.009 diff -Nru libglib-object-introspection-perl-0.009/debian/patches/0001-Use-the-correct-allocator-for-caller-allocated-boxed.patch libglib-object-introspection-perl-0.009/debian/patches/0001-Use-the-correct-allocator-for-caller-allocated-boxed.patch --- libglib-object-introspection-perl-0.009/debian/patches/0001-Use-the-correct-allocator-for-caller-allocated-boxed.patch 1970-01-01 01:00:00.000000000 +0100 +++ libglib-object-introspection-perl-0.009/debian/patches/0001-Use-the-correct-allocator-for-caller-allocated-boxed.patch 2014-01-21 17:13:12.000000000 +0100 @@ -0,0 +1,62 @@ +From: Torsten Schönfeld <kaffeeti...@gmx.de> +Date: Tue, 14 Aug 2012 21:23:35 +0200 +Origin: upstream, https://git.gnome.org/browse/perl-Glib-Object-Introspection/commit/?id=1e4f04c1fea19e4d04b0ccf6d7bfc0b353e57562 +Bug-Debian: https://bugs.debian.org/736254 +Bug-GNOME: https://bugzilla.gnome.org/show_bug.cgi?id=680380 +Applied-Upstream: 0.012 +Subject: Use the correct allocator for caller-allocated boxed out-args + +Previously, we simply always used malloc(). But for a boxed type, which has an +associated custom free function, this might not be the correct allocator. For +example, GtkTreeIter uses GSlice. Make an extra copy of the malloc()-ed block +to ensure consistency. + +https://bugzilla.gnome.org/show_bug.cgi?id=680380 +--- + gperl-i11n-invoke-c.c | 22 ++++++++++++++++++++-- + 1 file changed, 20 insertions(+), 2 deletions(-) + +diff --git a/gperl-i11n-invoke-c.c b/gperl-i11n-invoke-c.c +index 1b3d57f..6ff6478 100644 +--- a/gperl-i11n-invoke-c.c ++++ b/gperl-i11n-invoke-c.c +@@ -284,10 +284,16 @@ allocate_out_mem (GITypeInfo *arg_type) + { + GIBaseInfo *interface_info; + GIInfoType type; ++ gboolean is_boxed = FALSE; ++ GType gtype = G_TYPE_INVALID; + + interface_info = g_type_info_get_interface (arg_type); + g_assert (interface_info); + type = g_base_info_get_type (interface_info); ++ if (GI_IS_REGISTERED_TYPE_INFO (interface_info)) { ++ gtype = get_gtype (interface_info); ++ is_boxed = g_type_is_a (gtype, G_TYPE_BOXED); ++ } + g_base_info_unref (interface_info); + + switch (type) { +@@ -295,8 +301,20 @@ allocate_out_mem (GITypeInfo *arg_type) + { + /* No plain g_struct_info_get_size (interface_info) here so + * that we get the GValue override. */ +- gsize size = size_of_interface (arg_type); +- return g_malloc0 (size); ++ gsize size; ++ gpointer mem; ++ size = size_of_interface (arg_type); ++ mem = g_malloc0 (size); ++ if (is_boxed) { ++ /* For a boxed type, malloc() might not be the right ++ * allocator. For example, GtkTreeIter uses GSlice. ++ * So use g_boxed_copy() to make a copy of the newly ++ * allocated block using the correct allocator. */ ++ gpointer real_mem = g_boxed_copy (gtype, mem); ++ g_free (mem); ++ mem = real_mem; ++ } ++ return mem; + } + default: + g_assert_not_reached (); diff -Nru libglib-object-introspection-perl-0.009/debian/patches/series libglib-object-introspection-perl-0.009/debian/patches/series --- libglib-object-introspection-perl-0.009/debian/patches/series 1970-01-01 01:00:00.000000000 +0100 +++ libglib-object-introspection-perl-0.009/debian/patches/series 2014-01-21 17:13:12.000000000 +0100 @@ -0,0 +1 @@ +0001-Use-the-correct-allocator-for-caller-allocated-boxed.patch
