Re: ibus/CVE-2019-14822/glibc

2020-01-21 Thread Brian May 
Brian May  writes:

> commit 7cba800a84730c9c5843acdd775e42b8c1438edf (HEAD)
> Author: Alexander Larsson 
> Date:   Mon Jun 1 10:02:47 2015 +0200

This patch decreases the number of errors from 1 to 52.


(jessie-amd64-default)brian@silverfish:~/debian/lts/packages/glib2.0/glib$ 
gio/tests/network-monitor
/network-monitor/default: 
(/home/brian/debian/lts/packages/glib2.0/glib/gio/tests/.libs/lt-network-monitor:20114):
 GLib-GObject-CRITICAL **: g_object_ref: assertion 'G_IS_OBJECT (object)' failed
Trace/breakpoint trap


gdb shows:

(jessie-amd64-default)brian@silverfish:~/debian/lts/packages/glib2.0/glib$ 
LD_LIBRARY_PATH=$PWD/gio/.libs gdb gio/tests/.libs/network-monitor   core
GNU gdb (Debian 7.7.1+dfsg-5) 7.7.1
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from gio/tests/.libs/network-monitor...done.
[New LWP 22889]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `gio/tests/.libs/network-monitor'.
Program terminated with signal SIGTRAP, Trace/breakpoint trap.
#0  0x7f035382adc0 in g_logv () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
(gdb) bt
#0  0x7f035382adc0 in g_logv () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#1  0x7f035382afff in g_log () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#2  0x7f0353d01eba in g_object_ref () from 
/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#3  0x7f0353fb8e17 in cache_recv_address (native_len=, 
native=, socket=0x13f2130) at gsocket.c:4038
#4  g_socket_receive_message (socket=0x13f2130, 
address=address@entry=0x7fff92d8c288, vectors=, 
vectors@entry=0x7fff92d8c2a0, num_vectors=, num_vectors@entry=1, 
messages=messages@entry=0x0, num_messages=num_messages@entry=0x0, 
flags=0x0, cancellable=0x0, error=0x7fff92d8c280) at gsocket.c:4269
#5  0x7f0353fe58df in read_netlink_messages (socket=socket@entry=0x0, 
condition=condition@entry=G_IO_IN, user_data=user_data@entry=0x13e79e0) at 
gnetworkmonitornetlink.c:324
#6  0x7f0353fe6287 in g_network_monitor_netlink_initable_init 
(initable=, cancellable=, error=0x0) at 
gnetworkmonitornetlink.c:141
#7  0x7f0353f9dd3e in g_initable_new_valist (object_type=, 
first_property_name=0x0, var_args=0x7fff92d8c378, cancellable=0x0, error=0x0) 
at ginitable.c:228
#8  0x7f0353f9de2c in g_initable_new (object_type=, 
cancellable=cancellable@entry=0x0, error=error@entry=0x0, 
first_property_name=first_property_name@entry=0x0) at ginitable.c:146
#9  0x7f0353fa1456 in try_implementation (extension=, 
verify_func=verify_func@entry=0x0) at giomodule.c:755
#10 0x7f0353fa15a0 in _g_io_module_get_default 
(extension_point=0x7f035404bc9f "gio-network-monitor", envvar=0x7f035404d565 
"GIO_USE_NETWORK_MONITOR", verify_func=0x0) at giomodule.c:857
#11 0x00402433 in test_default () at network-monitor.c:241
#12 0x7f03538493d3 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#13 0x7f03538495a2 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#14 0x7f035384990b in g_test_run_suite () from 
/lib/x86_64-linux-gnu/libglib-2.0.so.0
#15 0x7f0353849941 in g_test_run () from 
/lib/x86_64-linux-gnu/libglib-2.0.so.0
#16 0x00401361 in main (argc=1, argv=0x7fff92d8c818) at 
network-monitor.c:536


I am guessing maybe this patch has other requirements :-(
-- 
Brian May

Re: ibus/CVE-2019-14822/glibc

2020-01-21 Thread Brian May 
Here is a better stack trace (previous version was picking up system
version of glib):

(jessie-amd64-default)brian@silverfish:~/debian/lts/packages/glib2.0/glib$ 
LD_LIBRARY_PATH=$PWD/gio/.libs:$PWD/glib/.libs gdb 
gio/tests/.libs/network-monitor   
GNU gdb (Debian 7.7.1+dfsg-5) 7.7.1
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from gio/tests/.libs/network-monitor...done.
(gdb) r
Starting program: 
/home/brian/debian/lts/packages/glib2.0/glib/gio/tests/.libs/network-monitor 
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
/network-monitor/default: 
(/home/brian/debian/lts/packages/glib2.0/glib/gio/tests/.libs/network-monitor:27600):
 GLib-GObject-CRITICAL **: g_object_ref: assertion 'G_IS_OBJECT (object)' failed

Program received signal SIGTRAP, Trace/breakpoint trap.
g_logv (log_domain=0x77843856 "GLib-GObject", 
log_level=G_LOG_LEVEL_CRITICAL, format=, 
args=args@entry=0x7fffda98) at gmessages.c:1046
1046  g_private_set (&g_log_depth, GUINT_TO_POINTER (depth));
(gdb) bt
#0  g_logv (log_domain=0x77843856 "GLib-GObject", 
log_level=G_LOG_LEVEL_CRITICAL, format=, 
args=args@entry=0x7fffda98) at gmessages.c:1046
#1  0x7731dc52 in g_log (log_domain=, 
log_level=, format=) at gmessages.c:1079
#2  0x7781deba in g_object_ref () from 
/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#3  0x77ad4e17 in cache_recv_address (native_len=, 
native=, socket=0x61c130) at gsocket.c:4038
#4  g_socket_receive_message (socket=0x61c130, 
address=address@entry=0x7fffe548, vectors=, 
vectors@entry=0x7fffe560, num_vectors=, num_vectors@entry=1, 
messages=messages@entry=0x0, num_messages=num_messages@entry=0x0, 
flags=0x0, cancellable=0x0, error=0x7fffe540) at gsocket.c:4269
#5  0x77b018df in read_netlink_messages (socket=socket@entry=0x0, 
condition=condition@entry=G_IO_IN, user_data=user_data@entry=0x6119e0) at 
gnetworkmonitornetlink.c:324
#6  0x77b02287 in g_network_monitor_netlink_initable_init 
(initable=, cancellable=, error=0x0) at 
gnetworkmonitornetlink.c:141
#7  0x77ab9d3e in g_initable_new_valist (object_type=, 
first_property_name=0x0, var_args=0x7fffe638, cancellable=0x0, error=0x0) 
at ginitable.c:228
#8  0x77ab9e2c in g_initable_new (object_type=, 
cancellable=cancellable@entry=0x0, error=error@entry=0x0, 
first_property_name=first_property_name@entry=0x0) at ginitable.c:146
#9  0x77abd456 in try_implementation (extension=, 
verify_func=verify_func@entry=0x0) at giomodule.c:755
#10 0x77abd5a0 in _g_io_module_get_default 
(extension_point=0x77b67c9f "gio-network-monitor", envvar=0x77b69565 
"GIO_USE_NETWORK_MONITOR", verify_func=0x0) at giomodule.c:857
#11 0x00402433 in test_default () at network-monitor.c:241
#12 0x7733b753 in test_case_run (tc=0x613990) at gtestutils.c:2059
#13 g_test_run_suite_internal (suite=suite@entry=0x610240, 
path=path@entry=0x773b9fde "") at gtestutils.c:2120
#14 0x7733b922 in g_test_run_suite_internal 
(suite=suite@entry=0x610220, path=, path@entry=0x773b9fde 
"") at gtestutils.c:2131
#15 0x7733bc6b in g_test_run_suite (suite=0x610220) at gtestutils.c:2184
#16 0x7733bca1 in g_test_run () at gtestutils.c:1488
#17 0x00401361 in main (argc=1, argv=0x7fffeab8) at 
network-monitor.c:536
(gdb)

-- 
Brian May